[sf-lug] Linux attacked by root kit!

Bobbie Sellers bliss-sf4ever at dslextreme.com
Mon Nov 26 07:21:13 PST 2012


On 11/22/2012 08:37 PM, Rick Moen wrote:
> Quoting Bobbie Sellers (bliss-sf4ever at dslextreme.com):
>
>>  From BitTwister on Usenet.
>>
>> Linux malware is getting better
>>
>> Evildoers can now turn all sites on a Linux server into silent hell-pits
>> http://www.theregister.co.uk/2012/11/21/powerful_linux_rootkit/
> Bobbie, I have two immediate recommendations.
>
> 1.  Please look up what a 'rootkit' is, so you can understand why
> inherently such a thing cannot attack anything or anyone.

     Sorry I should have said that some one with root access however
gained is attacking Linux servers using a root-kit.
>
> 2.  Please don't be so quick to take seriously what trolling yoyos
> at _The Register_ write (nor what antimalware firms' spokescritters
> say to drum up business, either).

     I don't know if those groups are involved in these reports.

>
> Beyond those general points, here's a reasonable specific comment:
> http://lists.debian.org/debian-security/2012/11/msg00036.html
>
> Basically, http://linuxmafia.com/~rick/faq/?page=virus#virus5 is still
> correct.  (I haven't even needed to add more detail to it for seven
> years.)
>
>
     Here is another reference to the same topic,

Linux News
Linux attacked by malware Root Kit
You may have heard of this already but a neat
summary of the story can be found at:

<http://www.h-online.com/open/news/item/Rootkit-infects-Linux-web-servers-1753969.html>

	I accidentally sent this to Rick privately for which
I apologize.

	Bobbie






More information about the sf-lug mailing list