Hi, On Wed, 2007-10-03 at 09:05 +0100, Mac wrote: > I hope we can just assume this is FUD. Does anyone more familiar with > server security have anything consoling thoughts? >
AIUI most compromised Windows boxes are due to user error, people not installing patches or firewalls on their windows desktops and laptops. AIUI most compromised Linux boxes are due to user error, people not installing patches for server apps and scripted applications on their Linux servers. Do we see a pattern here? "At one point, he said, the bank spent a month as the largest phishing target in the country, and in fighting this ongoing problem, it has shutdown countless phishing sites surreptitiously installed on countless machines across the net." Phishing sites are AIUI most often installed on compromised server class machines. The bit that does the real damage is the bot that spits out a zillion spam mails containing the link to the server, through potentially compromised servers, but also predominantly through desktops. If their specification during this witch-hunt was to look at the server space for compromised machines then _of_ _course_ they will find Linux boxen - as we know Linux is popular in the web/mail server space. These were possibly running dodgy old copies of apps like drupal and phpbb with naffed up xmlrpc implementations. Lets see the same test done against desktops and laptops shall we? Cheers, Al.
signature.asc
Description: This is a digitally signed message part
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
