If they could compromise potentially hundreds of thousands of servers they
could likely setup a seemingly legit site, like a CentOS mirror, and take
in data that looks legit.

On Thu, Oct 4, 2018 at 8:54 AM John Hearns via Beowulf <beowulf@beowulf.org>
wrote:

> How does the data get "back to base"  ?
> I would encrypt it within an NTP or a DNS request  - but that assumes
> outgoing NTP/DNS is not firewalled off.
> I guess just encrypted in an HTTP(s) payload makes sense - servers
> make requests to all sorts of software repositories etc.
>
_______________________________________________
Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing
To change your subscription (digest mode or unsubscribe) visit 
http://www.beowulf.org/mailman/listinfo/beowulf

Reply via email to