There are millions of Linux based servers. These attacks are not personal against Linux, merely that 2/3 of web servers happen to be Linux, and then tend to have a decent amount of bandwidth. They are also likely to have unpatched PHP applications. These Linux servers are also more likely to be unpatched due to some misplaced belief that Linux is somehow inherently more secure.
Anyone who has had to manage a publicly accessible server will know that Linux does not get a free pass. The same security rules apply no matter what your OS is. The attackers do not care what the OS, or why it was made. If they can get control of a machine or a VM they will. The fact that it is so easy to break in and they tend to have nice and fast connections just makes those machines even juicier targets. This is not an attack against open source or an attempt to suppress freely shared information. This is just an evolution of what has already been going on for decades. The economics of malware are no different than they were last month, last year, or the past 10 years. Linux is also not special. A Linux host faces the exact same sort of problems as Windows servers or other Unix hosts. Now that browsers are becoming the application platform de jour, we are going to find out just how bad our graphical environments are from a security perspective. The battleground has already shifted to the web and these sorts of attacks, as well as attacks directly against the browsers, are going to increase in frequency and sophistication. Attacks never get weaker with time. On Fri, Mar 21, 2014 at 10:48 AM, Lewko, Robert <lew...@uleth.ca> wrote: > > On Thu, 2014-03-20 at 12:24 -0600, Greg King wrote: > >> Looks like Linux malware is becoming mainstream. > >> > >> Surf to > >> > http://www.darkreading.com/applications/linux-takeover-artists-fling-35m-spam-me/240166712?cid=email > >> > > > > Thanks for that interesting article Greg. > > > > Some questions come to me as I ponder the situation. > > > > The saying goes: > > First they ignore you > > Then they laugh at you > > Finally they attack you > > > > So it's come to that now has it. > > My questions are not just about getting busy with tightening security. > > But what are the motivating factors? > > Is it greed, organized crime, or an attack on the internet in regards to > > negating the world wide ability to co-operate electronically. > > > > Part of this is controlling our behavior. I have friends (former?) who I > > have had to say cease and desist with the chain letters, etc no matter > > how good you think the cause. > > > > So my question is is who would want to be suppressing freely shared > > information, and what/how would they gain? > > > > Mel > > That's always the key question: qui bono (who benefits)? > > > _______________________________________________ > clug-talk mailing list > clug-talk@clug.ca > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying >
_______________________________________________ clug-talk mailing list clug-talk@clug.ca http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
