[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Found, a new rootkit



On Fri, 2006-03-31 at 18:30 -0500, Gene Heskett wrote:
> On Friday 31 March 2006 15:19, Craig White wrote:
> >On Fri, 2006-03-31 at 13:39 -0600, Les Mikesell wrote:
> >> On Fri, 2006-03-31 at 13:20, Gene Heskett wrote:
> >> > >They use these botnets to distribute spam, launch DDOS, or
> >> > > whatever else their imagination came come up with.  Either of
> >> > > those would contribute to an increase in bandwidth usage.
> >> >
> >> > Humm, we were in fact subjected to a DDOS attack early last sunday
> >> > morning, which lead to the traffic servers demise & rebuild.
> >> > Got us listed at spamcop & our mail died.
> >>
> >> Or more likely, your box was participating in a DDOS. Do
> >> you have any idea what exploit might have been used to
> >> install the programs you found?
> >
> >----
> >My money is on sshd - somebody with a weak password.
> >
> We found a couple that were downright 
> stupid/dumb/assinine/all_of_the_above.
> 
> Fixed, with a cluex4 upside the head to the parties involved.
----
users do what users do

it's actually the fault of the admins who don't use any password
checking mechanisms, but I suppose that it's more feasible to blame
stupid users...of course, I would never do such a thing  ;-)

Craig


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]