[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack



Jeff Vian wrote:
[snip]
>> It has no escalation mechanism, so can only infect ELF files to which
>> the user infected has write permission.
>>
>> Threat ~0.
>>
>>
>>
>
> not true. it also infects files in /bin as stated by symantic and as
> stated by Daniel.  Thus it has some method of getting root privileges.

Inexperienced sysadmins.

Daniel Kirsten wrote:
"Yesterday, I examined the directory ~daikanyama/.undernet and probably I
executed mech as root. The file mech is indeed infected by Linux/Rst-B.
This explains everything......."

-- 
William Hooper


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]