Linux and other *NIX malware

Some time ago we started, in test mode, to redirect the external SSH port of the Turris routers of some volunteers from the development team to SSH honeypots. To get as many attackers as possible to “talk” to us, we allowed login as root with a random password in the honeypot; despite this, most bots do nothing anyway and disconnect immediately, even after an unsuccessful attempt.

Falsification of RSA signatures according to Bleichenbacher

Over the past few days, the bash interpreter bugs known as Shellshock have overshadowed other news, including bugs in NSS affecting certificate verification in Firefox and Chrome. This is another instance of a not very common vulnerability which nevertheless keeps recurring: Bleichenbacher's attack on RSA with a small public exponent, typically 3.

The world of domains in numbers (and graphs)

After some time I would once again like to come back to domain statistics and the question of how many domains there are in the world. This time I will accompany the number 276 million, representing the total number of registered domains, with several graphs and information based on statistics from Verisign and CENTR (Council of European National Top Level Domain Registries).

Europe has new legislation: it will influence e-signature, data boxes as well as server certificates

At the end of July the EU Council of Ministers approved new legislation which, over almost three years of preparation, became commonly known as eIDAS. The regulation on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, which is the full official name of eIDAS, was published a few days ago in the Official Journal, so we can look at which essential changes it brings and how it will affect electronic services and the Internet in the Czech Republic.

Anomalies, botnets, malicious Web sites and attacks on Synology NAS drives, or Where does Turris help?

In our Turris project, in addition to taking preventive measures that would protect users against various attacks from the outside, we also do other activities. Those include contacting clients from whose side we detect attempts to connect to IP addresses that are known to be botnets’ command and control centers, or blocking IP addresses that are used by websites to perform malicious attacks on users. During that time we have seen some curious incidents that I would like to briefly outline here.