Phishing - Linux boxes are vulnerable
Claude Jones
cjones at levitjames.com
Thu Oct 4 18:18:03 UTC 2007
"More interesting is that most of the compromised machines were not Windows
machines. "The vast majority of [the phishing sites] we saw were on
rootkit-ed Linux boxes, which was rather startling. We expected a
predominance of Microsoft boxes and that wasn't the case.""
http://tinyurl.com/36nfsm
The above comments were made at a MS sponsored conference. MicroSoft has a
history of sponsoring stuff like this. Even if it was an exaggeration - I've
never heard of a big problem with Linux boxes getting root-kitted - is it
something happenning under the radar? I've read over and over that Linux is
much more secure than it's big counterpart - what sorts of vulnerabilities
are people opening up to allow Linux machines to be root-kitted? I am aware
of the ssh problem, and have followed the discussions on locking down ssh for
years, including the other thread that's running currently. What other sorts
of things must people do to open themselves up to being rootkitted? This is
the first time I've seen such a claim, and it took me by surprise...so, I'm
asking.
--
Claude Jones
Brunswick, MD, USA
More information about the fedora-list
mailing list