• TangledHyphae@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      9 months ago

      The slowness is on purpose? To help identify the sshd in question to the attacker which nodes are compromised? What reason(s) could there be?

      • mumblerfish@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        If the above decides to continue, the code appears to be parsing the symbol tables in memory. This is the quite slow step that made me look into the issue.

        That is from the original find. Not sure the relevance of it and this being proof for it being “on purpose”. But that is the origin of the slowness.