Sony DRM Rootkit, nothing more needs to be said! <div>On 10/4/07, Karl Schuttler <<a href="mailto:rexykik@gmail.com">rexykik@gmail.com</a>> wrote: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Just a little wink wink, "With Windows you practically need to inject a VNC server process just to do anything useful.  Plus, the rootkits are a bit easier to install and use (easier to hide processes, network connections, etc.) in Linux I think, or at least more mature." Botnets aren't controlled over VNC, they are typically controlled over an IRC server. If you were to botnet over VNC, you would have to do tasks individually with each computer. The whole advantage of botnetting is being able to use all the computers' power at the same time. I definitely agree, however, that owning a linux box would be more satisfying than a windows box. But rootkits aren't that difficult to get owned by in windows, and certainly not easier to install than in windows; look at back oriface and the success it had. Installing in Windows would probably be easier, seeing that privilege escalation is much simpler in a windows environment. I don't know about the level of maturity that you mean, but a lot of these backdoor softwares are self propagating. Furthermore, a lot of the zombies in the bot nets aren't going to be used for server hosts themselves, but are more likely to be using mail clients to mail bomb spam to people in order to get them to visit the web server of the phishers. Having a botnet and writing malware for exploiting flaws isn't something that just the hobby hacker is doing anymore, it is an industry that has great payoff, and with anonymity services like Tor, pretty simple to keep from getting caught. Keep in mind that people are being paid to professionally develop this malware. And yes, of course they are going to use linux for some aspects, probably to develop in, host some of their services like the irc server, or the webservers they need to put up a phishing site. I think the difference is that most of the zombies probably aren't linux, but more of the upper management is. Karl On 10/4/07, Michael Rudas <<a href="mailto:audiotech50@gmail.com">audiotech50@gmail.com</a>> wrote: > Mark Lachniet wrote: > > > I'm not sure its FUD really.  The source seems credible, despite the > > venue of the statement (Microsoft's conference).  But, when you think of > > it, what would YOU rather hack. > > But, again, the presentation is titled ("eBay phishers use Linux > botnets")-- and framed ("Phishers are getting more organized and tend > to exploit hacked Linux boxes more than Windows, according to eBay's > security chief.") as though the Linux boxen WERE some sort of > sooper-seekrit botnet in-and-of themselves. > > Deliberate lies and distortion are being used to obscure the truth-- > which is the very DEFINITION of FUD. > _______________________________________________ > linux-user mailing list > <a href="mailto:linux-user@egr.msu.edu">linux-user@egr.msu.edu</a> > <a href="http://mailman.egr.msu.edu/mailman/listinfo/linux-user">http://mailman.egr.msu.edu/mailman/listinfo/linux-user </a> > _______________________________________________ linux-user mailing list <a href="mailto:linux-user@egr.msu.edu">linux-user@egr.msu.edu</a> <a href="http://mailman.egr.msu.edu/mailman/listinfo/linux-user"> http://mailman.egr.msu.edu/mailman/listinfo/linux-user</a> </blockquote></div> -- Running Linux? Are you completely out of your mind.  That thing is a rip-off.  It comes with no viruses, no Trojans, no malware , etc .......