Lets face it- 860GF as a super computer? I don't think so.
A quad quad core intel 7240 3GHz node is 192GF (4 ops per clock* 16 cores* 3GHz): your mileage may vary...
Six of these systems would cost less than $100K and give 1.1TF. An infiniband interconnect would cost less than $10K. We are talking a half of a rack of commodity computers...
Any staff from a foreign embassy could purchase 6 of these delivered to a PO box (or warehouse address) in the US and ship them through a diplomatic pouch to their homeland- poof 1.1TF "super computer"
Any US vendor would have difficulty figuring out export control on a qty 6 procurement (not to mention that they could use 6 different vendors).
Ah, but the SucKIT rootkit is particularly useful as it captures all tty i/o at the kernel level: all interaction with sshd is captured in a "sniffer" file. No decryption or packet sniffing needed- the attacker owns the system completely if they have installed SucKIT.
If you don't trust a computer that you have ssh'd into, never ssh or scp from the untrusted computer back into your trusted systems. If the untrusted computer has been compromised, any login sessions that you have from the untrusted computer will expose the passwords if a SucKIT rootkit has been installed.
Slashdot Mirror
Lets face it- 860GF as a super computer? I don't think so. A quad quad core intel 7240 3GHz node is 192GF (4 ops per clock* 16 cores* 3GHz): your mileage may vary... Six of these systems would cost less than $100K and give 1.1TF. An infiniband interconnect would cost less than $10K. We are talking a half of a rack of commodity computers... Any staff from a foreign embassy could purchase 6 of these delivered to a PO box (or warehouse address) in the US and ship them through a diplomatic pouch to their homeland- poof 1.1TF "super computer" Any US vendor would have difficulty figuring out export control on a qty 6 procurement (not to mention that they could use 6 different vendors).
Ah, but the SucKIT rootkit is particularly useful as it captures all tty i/o at the kernel level: all interaction with sshd is captured in a "sniffer" file. No decryption or packet sniffing needed- the attacker owns the system completely if they have installed SucKIT. If you don't trust a computer that you have ssh'd into, never ssh or scp from the untrusted computer back into your trusted systems. If the untrusted computer has been compromised, any login sessions that you have from the untrusted computer will expose the passwords if a SucKIT rootkit has been installed.