If they could compromise potentially hundreds of thousands of servers they could likely setup a seemingly legit site, like a CentOS mirror, and take in data that looks legit.
On Thu, Oct 4, 2018 at 8:54 AM John Hearns via Beowulf <beowulf@beowulf.org> wrote: > How does the data get "back to base" ? > I would encrypt it within an NTP or a DNS request - but that assumes > outgoing NTP/DNS is not firewalled off. > I guess just encrypted in an HTTP(s) payload makes sense - servers > make requests to all sorts of software repositories etc. >
_______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf