[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack



Matthew Miller wrote:
> On Thu, Apr 28, 2005 at 09:41:17AM +0100, Nigel Wade wrote:
>
>> For a virus to be viable it has to be communicable. In this instance
>> the virus required manual "injection". Hence the 0-49 infections in 3
>> years, and the virutally zero threat.
>
> But it wasn't quite manual -- happened through sloppy practices.

So it's on the same threat level as a bash script that does "rm -f /*". 
If you can get someone to run an executable as root, then you can do just
about anything you want.  The only exception would be if they did a good
job with SELinux, but if they did a good job with SELinux they wouldn't be
running unknown executables as root.

-- 
William Hooper


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]