Phishing - Linux boxes are vulnerable
Arthur Pemberton
pemboa at gmail.com
Sat Oct 6 23:46:58 UTC 2007
On 10/6/07, Matthew Miller <mattdm at mattdm.org> wrote:
> On Sat, Oct 06, 2007 at 12:30:18AM -0500, Arthur Pemberton wrote:
> > > Because it's generally pretty easy to tell the operating system a given web
> > > site is running on. Note that they're talking about *phishing sites*, not
> > > the sites from which phishing spam or whatever originates.
> > The question still stands.... how do they know the attacks are from a
> > _rooted_ linux box? You don't need root to put put a phishing site,
> > esp. on a shared host.
>
> Fair enough. They're just using that term incorrectly.
Cool. But I mean, an insure web host is a far cry in terms of security
from a rooted box. Even with the most strict SELinux policies one may
get up a phsishing page. But to get root is a very big deal, and not
something to be said lightly i believe
--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )
More information about the fedora-list
mailing list