Boscoe wrote:
> On 06/03/2010 24 PM, DanS wrote:
>>
>> So where is it (the Linux malware)? You'd think that if it was growing
>> that fast (as fast as this article would like you to believe), there
>> would be some out in the wild infecting Linux boxes left and right.
>>
>> I mean, come on, it's been nearly 4 years... maybe they need better
>> programmers.
>
>
> Here's but two to be going on with...
>
> http://www.linux.com/archive/feature/125548

From the article:
"One great unknown thus far is how the servers come to be infected.
Absent any forensic evidence of break-ins, the current thinking is that
the malware authors gained access to the servers using stolen root
passwords. The earliest known victims, according to quotes by
researchers in this ComputerWorld story, were sites run by large
hosting companies, which could give attackers root access to hundreds or
even thousands of Web sites when compromised."

> http://www.theregister.co.uk/2009/09/12/linux_zombies_push_malware/

From the article:
"It's unclear exactly how the servers have become infected. Sinegubko
speculates they belong to careless administrators who allowed their root
passwords to be sniffed. Indeed, the part of the multi-staged attack
that plants malicious iframes into legitimate webpages uses FTP
passwords that have been stolen using password sniffers. It's likely the
zombie servers were compromised in the same fashion, he explained."

With any OS, a strong password is essential for security. Linux wasn't
vulnerable, the passwords were.
>
> And the typical Linux users' responses to what is, after all, a glorified
> DOS system.

Wrong again, Bucko. Unix has been around a lot longer than DOS so the
truthful way to say it is that DOS is a bastardized form of Unix.
--
Alias