Yea you're right. 500ms vs 10ms on an older server. Was thrown off by this statement and thought only the perf/valgrind/gdb attachments were what really brought it to surface.
> Initially starting sshd outside of systemd did not show the slowdown, despite
the backdoor briefly getting invoked. This appears to be part of some
countermeasures to make analysis harder.
Performance was much worse but not enough to actually nudge the author into digging into it until the random ssh logins started piling up:
> Initially starting sshd outside of systemd did not show the slowdown, despite the backdoor briefly getting invoked. This appears to be part of some countermeasures to make analysis harder.
Performance was much worse but not enough to actually nudge the author into digging into it until the random ssh logins started piling up:
https://twitter.com/AndresFreundTec/status/17741907437768663...
https://nitter.poast.org/AndresFreundTec/status/177419074377...