[GLLUG] Ebay phishers use Linux botnets
Stanley C. Mortel
mortel at cyber-nos.com
Thu Oct 18 17:14:10 EDT 2007
At 12:09 PM 10/4/2007 -0400, you wrote:
>Content-class: urn:content-classes:message
>Content-Type: multipart/alternative;
> boundary="----_=_NextPart_001_01C806A0.F6807CC5"
>
>Read this story and thought I would share it with you.
>
>
>
>http://www.techworld.com/security/news/index.cfm?RSS&NewsID=10251
>
>
>
>James A. Fick, Jr
Thanks for the link Jim. Some points that got my attention:
"We see a lot of [root-kitted] Linux machines used in phishing ... We see
them as part of the command and control networks for botnets, but we rarely
see them be the actual bots. Botnets are almost uniformly Windows-based."
"Since Linux machines can be used to more easily create specially crafted
networking packets, they can be used in highly sophisticated online attacks
... Capabilities like this make Linux machines highly coveted by online
attackers, and they fetch a premium in the underground marketplace for
compromised machines..."
It is an interesting article to read and I think a good starting point for
a series of GLLUG meeting topics. What do you all think about having a few
meetings focused on practical aspects of securing Linux boxes? In
particular, I'd like to find out about tools to detect rootkits on my Linux
systems. I have such tools for the Windows boxes, but not Linux.
As linux gets more widespread, attacks on it will surely increase. We seem
to be in agreement that we want to "spread the word" and get folks using
Linux and FOSS. I suppose my feeling is that we are thereby committed to
helping ensure the deployments are reasonably secure.
****************************
Stan Mortel
mortel at cyber-nos.com
****************************
More information about the linux-user
mailing list