rootkit?
David Cary Hart
Fedora at TQMcube.com
Mon Dec 12 18:38:37 UTC 2005
On Sun, 11 Dec 2005 21:19:29 -0500
"Scot L. Harris" <webid at cfl.rr.com> opined:
> On Sun, 2005-12-11 at 21:12, Gene Heskett wrote:
> > On Sunday 11 December 2005 17:50, Scot L. Harris wrote:
> > >On Sun, 2005-12-11 at 16:53, David Cary Hart wrote:
> > >> Just checking the DB, cebridge has zombie problems in TX and
> > >> Ohio. I hope you all have your defenses hardened for a predicted
> > >> viral attack on January 5.
> >
> > Uh huh, and this was a linux system that got kitted. Sitting on
> > the next port of a 100baset switch being fed by the router.
>
> Well he was asking about the sober virus that is suppose to hit out
> there again January 5th. As far as I know that virus targets Windows
> systems only. :)
>
One can hope so but I would certainly disable telnetd and sshd from the
WAN unless absolutely necessary. Only necessary ports should be "open."
Those running mail servers might want to reduce the error-level to
crap-out to reduce consumption on dictionary attacks.
I also have swatch daemons watching several logs for patterns and
promptly adding hackers to the firewall.
--
Our DNSRBL -
Eliminate Spam: http://www.TQMcube.com/spam_trap.php
Multi-RBL Check: http://www.TQMcube.com/rblcheck.php
Zombie Graphs: http://www.TQMcube.com/zombies.php
GeoGraphics: http://www.TQMcube.com/origins.php
More information about the fedora-list
mailing list