tag:blogger.com,1999:blog-8889285000186294932.post7401393945005400236..comments2024-03-17T02:45:18.077-07:00Comments on Ken Felix Security Blog: Should we be loosing faith in FortinetUnknownnoreply@blogger.comBlogger2125tag:blogger.com,1999:blog-8889285000186294932.post-81273612038239811272016-01-18T17:30:14.669-08:002016-01-18T17:30:14.669-08:00I want to correct you. Fortinet didn't find th...I want to correct you. Fortinet didn't find this, a 3rd party found this backdoor from the hashed password and challenge.<br /><br />It should make all wonder who else has backdoor, or as fortinet states "management vulnerability".<br />socpuppetshttps://www.blogger.com/profile/13096043188091774607noreply@blogger.comtag:blogger.com,1999:blog-8889285000186294932.post-12904777751752170212016-01-18T09:26:45.800-08:002016-01-18T09:26:45.800-08:00There is no reason here to lose faith in Fortinet....There is no reason here to lose faith in Fortinet. They discovered this authentication vulnerability in their SSH (it's not a backdoor) over 18 months ago and corrected it.<br /><br />Different SSH implementations have had a variety of different vulnerabilities over time. OpenSSH just announced one: http://www.eweek.com/security/openssh-flaw-exposes-linux-servers-to-roaming-risk.html<br /><br />If you want to lose faith in a "security company" then lose faith in Juniper. They allowed a REAL backdoor to sit in their code for over three years!<br /><br />http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/<br />CyberNorrishttps://www.blogger.com/profile/06139884725936816775noreply@blogger.com