Re: debian and the malware problem
Am 2005-11-27 15:56:27, schrieb Ron Johnson:
> Rootkits and worms come immediately to mind.
:-)
If you leave ports openund use insecure CGI's
on your server or weak passwords or ...
> What's to stop such malware (which, if it exploits the "right" bug),
> from installing a keylogger (since, remember it's a *root* kit),
How can they install keylogger ?
If you have not configured your system to allow such
> and sending everything someone types thru port 80 to some site in
> Romania?
^^^^^^^
I call this discrimination.
> Or grabbing your /etc/shadow, and doing a dictionary attack to get
> root and user passwords so as to log in via ssh, and do mischief?
Dictionary attacks? Are you dreaming?
I have currently 28 Server online and all Server
running the OpenSSH daemon. The daily (!!!) logs
are realy huge, exactly around 1-5 MByte per server.
Guess why!
In 6 years no one break in!
> Daemon minimalism, firewall maximalism & strong passwords are the
> sine qua non of security, but you're still vulnerable, especially
> if you then do something stupid like turn around and run old, buggy
> versions of PHP, libc6, etc, etc.
:-)
> Ron Johnson, Jr.
> Jefferson, LA USA
Michelle Konzack
Teheran, IRAN
Capital of the american dream of terrorism.
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Reply to: