brute force ssh attack
Nigel Wade
nmw at ion.le.ac.uk
Fri Apr 29 13:08:15 UTC 2005
Matthew Miller wrote:
> On Fri, Apr 29, 2005 at 11:57:24AM +0100, Nigel Wade wrote:
>
>>It was completely manual, the virus didn't install itself. It was injected
>>by someone breaking in via ssh and then manually downloading an infected
>>file. It's not like a STD, it's like a virus which can only be spread by
>>direct injection.
>
>
> That's the difference between a virus and a worm. It *does* have a mechanism
> to spread between files on a machine, but doesn't have one to go between
> machines without piggybacking on something else. (Which it did.)
For a virus to be viable it has to be able to infect files in such a way
that those infected files are likely to spread the virus. This one doesn't.
It needs to be spread manually, hence my threat rating of ~0.
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw at ion.le.ac.uk
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
More information about the fedora-list
mailing list