[GLLUG] Ebay phishers use Linux botnets

Lachniet, Mark mlachniet at analysts.com
Thu Oct 4 15:27:49 EDT 2007


I'm not sure it's FUD really.  The source seems credible, despite the
venue of the statement (Microsoft's conference).  But, when you think of
it, what would YOU rather hack?  Hacking a Windows box is only
marginally useful, whereas with a Linux box you have a *compiler* and
other handy items.  You can install proxies, handy daemons, scripts, and
a zillion other little tools that are intended to work over a CLI.  With
Windows you practically need to inject a VNC server process just to do
anything useful.  Plus, the rootkits are a bit easier to install and use
(easier to hide processes, network connections, etc.) in Linux I think,
or at least more mature. 

I'd think that Windows hacks were more numerous, but UNIX hacks were
more prized and useful due to their versatility.

Mark Lachniet
Solutions Architect - Security
Analysts International
3101 Technology Blvd. Suite A
Lansing, MI 48910
(517) 336-1004 (voice)
mailto:mlachniet at analysts.com 

-----Original Message-----
From: linux-user-bounces at egr.msu.edu
[mailto:linux-user-bounces at egr.msu.edu] On Behalf Of Michael Rudas
Sent: Thursday, October 04, 2007 2:26 PM
To: linux-user at egr.msu.edu; Jim Fick
Subject: Re: [GLLUG] Ebay phishers use Linux botnets

Jim Fick wrote:

> Read this story and thought I would share it with you.
> <http://www.techworld.com/security/news/index.cfm?RSS&NewsID=10251>

Smells more-than-a-little like FUD to me, especially when given at a
Microsoft-sponsored meeting-- correct me (please) if I'm wrong, but
don't most (if not all) Linux rootkits require local access for this
kind of privilege escalation?

The number of botnet-infected Windows machines HAS to vastly outnumber
the number of Linux/Unix/BSD machines so infected-- why would infected
Linux machines command a premium?

-- Mikey