Phishing - Linux boxes are vulnerable
Les Mikesell
lesmikesell at gmail.com
Thu Oct 4 19:32:27 UTC 2007
Mike Wright wrote:
> Jacques B. wrote:
> <snip />
>> I'm no expert on this topic. But I do know a case where the
>> application that was running on the web server was exploited due to a
>> vulnerability in that application, not in Apache or the Linux box. I
>> suspect that is the case more often than not. Someone compromises a
>> web site that is running a vulnerable application. That site happens
>> to be hosted on a Linux box (because let's face it, a lot of web
>> servers out there run on *nix).
>>
>
> Hi Jacques.
>
> I think you're right on the money there. Google for phpbb and hack for
> an example of your point.
There's also a huge amount of ssh password-guessing going on, and with
most distros, ssh is enabled by default on port 22. What I've seen
appears to be very carefully time-constrained as though the programs
doing it are trying large numbers of machines at once and limiting the
attempts to any single machine to avoid notice.
--
Les Mikesell
lesmikesell at gmail.com
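
Added example, not part of the original post: a sketch of why a short burst threshold misses the slow, time-constrained ssh guessing described above, while a long-window count per source catches it. The log lines are constructed in the OpenSSH "Failed password" syslog format, and the thresholds, addresses and function names are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# OpenSSH "Failed password" syslog line; syslog omits the year, so one is assumed.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def parse(lines, year=2007):
    """Yield (timestamp, user, source_ip) for each failed-password line."""
    for line in lines:
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def flag_sources(lines, window, threshold):
    """Return source IPs with >= threshold failures inside any sliding window."""
    by_ip = defaultdict(list)
    for ts, _user, ip in parse(lines):
        by_ip[ip].append(ts)
    flagged = set()
    for ip, stamps in by_ip.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # drop failures older than the window
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(ip)
                break
    return flagged

def sample_log():
    """Constructed log: a noisy source and a slow one (one attempt per 10 minutes)."""
    base = datetime(2007, 10, 4, 8, 0, 0)
    def line(ts, user, ip):
        return (f"{ts:%b %d %H:%M:%S} host sshd[4242]: "
                f"Failed password for {user} from {ip} port 40000 ssh2")
    noisy = [line(base + timedelta(seconds=5 * i), "root", "203.0.113.5") for i in range(8)]
    slow = [line(base + timedelta(minutes=10 * i), "invalid user admin", "198.51.100.7")
            for i in range(12)]
    return noisy + slow

if __name__ == "__main__":
    log = sample_log()
    print("burst rule (5 in 60s):", flag_sources(log, timedelta(seconds=60), 5))
    print("long window (10 in 6h):", flag_sources(log, timedelta(hours=6), 10))
```

The two rules flag different sources here, so a host that only alerts on bursts never reports the slow guesser.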