Keith C. Perry on 8 Dec 2014 21:49:44 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] The 'Penquin' Turla

I'm not sure about this write up.  Regular users can launch network listeners on ports above 1024 so that has nothing to do with root access.  That's not an automatic flag for a problem.

Network c&c, although slick, probably would set off heuristic security devices that do higher layer protocol inspection.  Such devices tend to be easy to set off as well.  Manually inspecting traffic would reveal this as well.


On Dec 9, 2014 12:10 AM, "K.S. Bhaskar" <> wrote:
> Anyone know whether this just smoke - - or have other insight to offer?  Thanks.
> Regards
> -- Bhaskar
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --