GOT LINUX? PANIC

Discussion in 'Windows Vista' started by STAN STARINSKI, Sep 30, 2009.

  1. No more Linux security bragging: botnet discovery worry

    Bad guys have created a botnet of Linux Web servers. In a way, that's even
    more frightening than regular botnets of compromised Windows PCs. In IT
    Blogwatch, bloggers ask if this is the end for Linux's claim to be more
    secure than Windows; or is it just a load of old hokum?

    By Richi Jennings. September 14, 2009.

    Your humble blogwatcher selected these bloggy morsels for your enjoyment.
    Not to mention another classic Photoshop disaster...

    Dan Goodin warns of a "Linux botnet":


    A security researcher has discovered a cluster of infected Linux servers
    that have been corralled into a special ops botnet of sorts and used to
    distribute malware. ... The infected machines ... serve legitimate traffic
    on port 80, the standard TCP port used by websites. Behind the scenes, the
    rogue server sends malicious traffic over port 8080.
    ....
    Malicious payloads are then delivered with the help of dynamic DNS hosting
    providers, which offer free domain names that are mapped to the IP address
    of the zombie webserver. ... With about 100 nodes, the network is relatively
    small, making it unclear exactly what the attackers' intentions are. All of
    the boxes examined so far have run the Apache webserver on various
    distributions of Linux.


    StopBadware's Maxim Weinstein has more:


    Over at the Unmask Parasites blog, periodic BadwareBusters.org contributor
    Denis reports on a botweb (a term coined by our own Oliver Day) that he's
    been investigating. ... The blog post contains a much more thorough analysis
    of the issue and is worth a read, especially if you work for a hosting
    provider or manage Linux-based web servers.

    Meanwhile, we've reached out to Denis to see if we can assist in notifying
    providers that are hosting compromised servers.


    Denis Sinegubko is the horse with the mouth:


    It began when I started to notice a new pattern in domains of hidden
    iframes. ... I realized that all those domains were registered with free
    dynamic DNS hosting providers: DynDNS.com and No-IP.com. These sites allow
    anyone to register any third-level domain for free and point it to any
    static or dynamic IP-address. ... most of the third-level domains point to
    different IP addresses. Currently active domains from my list point to 77
    unique IPs all over the world. ... It's time to check if you have an
    unauthorized web server working on port 8080.
    ....
    Each server works as a load balancer for other malicious servers used in
    this attack. When you try to load any iframe URL, you get redirected to a
    random server. ... What we see here is a long awaited botnet of zombie web
    servers! A group of interconnected infected web servers with common control
    center involved in malware distribution. ... Who knows what else can those
    infected web servers do? They may be involved in SPAM distribution, in DDOS
    attacks, etc. They can do just everything normal zombie computers do, but
    more effectively thanks to better Internet connection.
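
A defender-side check for the pattern the quoted analysis describes (hidden iframes that point at dynamic-DNS hostnames on port 8080), added here as an example; it is not part of the original post or of the quoted blogs. The zone list, the sample page and all function names are assumptions made for the illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: placeholder dynamic-DNS zones (reserved .example names);
# substitute the provider zones you actually want to watch.
DYNDNS_ZONES = ("dyn.example", "noip.example")
SUSPECT_PORT = 8080  # port the rogue servers use, per the quoted analysis
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

# Constructed sample page: one injected iframe, one ordinary embed.
SAMPLE = """<html><body><h1>Shop</h1>
<iframe src="http://a1.dyn.example:8080/index.php" width="1" height="1"
        style="visibility: hidden"></iframe>
<iframe src="https://video.example/embed/42" width="560" height="315"></iframe>
</body></html>"""

def is_hidden(attrs):
    """True if the iframe is styled or sized so a visitor cannot see it."""
    if HIDDEN_STYLE.search(attrs.get("style") or ""):
        return True
    sizes = [(attrs.get(d) or "").strip().rstrip("px") for d in ("width", "height")]
    return any(s.isdigit() and int(s) <= 1 for s in sizes)

class IframeAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attrs = dict(attrs)
        try:
            url = urlsplit(attrs.get("src") or "")
            host, port = (url.hostname or "").lower(), url.port
        except ValueError:  # malformed host or port in src
            host, port = "", None
        reasons = [name for name, hit in (
            ("hidden", is_hidden(attrs)),
            ("dynamic-dns", any(host == z or host.endswith("." + z) for z in DYNDNS_ZONES)),
            ("port-8080", port == SUSPECT_PORT),
        ) if hit]
        if len(reasons) >= 2:  # a single trait is common on legitimate pages
            self.findings.append((attrs.get("src"), reasons))

def audit_html(html):
    auditor = IframeAuditor()
    auditor.feed(html)
    return auditor.findings
```

Run `audit_html()` over the files in a web root or over pages fetched from your own site; any finding is a reason to compare the page against a known-good copy.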
     
  2. Re: MY CELL PHONE RUNS LINUX!

    Gordon's Psychotherapist wrote:
    > You need more drugs. Your rambling is getting old.
    >
    >
    > "STAN STARINSKI" <NoSpam@NoSpam.org> wrote in message
    > news:uaRYEMgQKHA.5052@TK2MSFTNGP06.phx.gbl...
    > >
    > > No more Linux security bragging: botnet discovery worry
    > >
    > > Bad guys have created a botnet of Linux Web servers. In a way, that's even
    > > more frightening than regular botnets of compromised Windows PCs. In IT
    > > Blogwatch, bloggers ask if this is the end for Linux's claim to be more
    > > secure than Windows; or is it just a load of old hokum?
    > >
    > > By Richi Jennings. September 14, 2009.
    > >
    > > Your humble blogwatcher selected these bloggy morsels for your enjoyment.
    > > Not to mention another classic Photoshop disaster...
    > >
    > > Dan Goodin warns of a "Linux botnet":
    > >
    > >
    > > A security researcher has discovered a cluster of infected Linux servers
    > > that have been corralled into a special ops botnet of sorts and used to
    > > distribute malware. ... The infected machines ... serve legiti
     
