• TangledHyphae@lemmy.world
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    9 months ago

    The slowness is on purpose? To help identify the sshd in question to the attacker which nodes are compromised? What reason(s) could there be?

    • mumblerfish@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      If the above decides to continue, the code appears to be parsing the symbol tables in memory. This is the quite slow step that made me look into the issue.

      That is from the original find. Not sure the relevance of it and this being proof for it being “on purpose”. But that is the origin of the slowness.