Sloppy Linux Admins Enable Slow Brute-Force Attacks
badger.foo passes on the report of Peter N. M. Hansteen that a third round of low-intensity, distributed brute-force attacks is now in progress — we earlier discussed the first and second rounds — and that sloppy admin practice on Linux systems is the main enabler. As before, the article links to log data (this time 770 apparently already compromised Linux hosts are involved), and further references. "The fact that your rig runs Linux does not mean you're home free. You need to keep paying attention. When your spam washer has been hijacked and tries to break into other people's systems, you urgently need to get your act together, right now."
Re:Outward facing systems ... (Score:5, Funny)
Or you could just not use weak passwords.
Re:learn to.... (Score:5, Funny)
Re:Simple solution! (Score:2, Funny)
chmod 0 `find /`
guilty! (Score:1, Funny)
I haven't updated my server since 2004. It runs Debian 3.
There were all kinds of root logins from Brazil last month, so I did permitRootLogin no but haven't got any farther than that yet.
It is colocated and they haven't sent a bill in 4 years so I don't want to go in and upgrade it or they might realize it is there!
Re:A measly 6k attempts over 4 days? Who cares? (Score:5, Funny)
Because it involves Linux boxes, and nothing gets the /. crowd riled up more than an assertion that Linux suffers from drawbacks. :P
You're right, though, in that good security practices should be just as effective in this case - which is why the title of the article is "Sloppy Linux Admins Enable Slow Bruteforce Attacks".
Yes, as opposed to "Typical Windows Admins Enable Rapid Bruteforce Attacks"
Re:A REALLY SLOW attack ... (Score:5, Funny)
I run windows so I'm safe.
Re:Ask Slashdot (Score:3, Funny)
She then turned back around and asked me if she had checked my ID. I gave her a hard time because in this system I am assumed to be untrustworthy until she says otherwise so she shouldn't trust anything I tell her.
Oh, how I laughed as her colleagues repeatedly probed my anal cavity with their rough, unlubricated hands.
Re:Outward facing systems ... (Score:3, Funny)
Why do people assume that "the lan" is some magical secure place?
Because I don't let just anybody into my home and I don't have a wireless network either? And somehow I doubt somebody will break into my house just to hijack another linux box, but when they do they'll probably access the box directly instead of over the network.
Re:Ask Slashdot (Score:4, Funny)
"She then turned back around and asked me if she had checked my ID. I gave her a hard time because in this system I am assumed to be untrustworthy until she says otherwise so she shouldn't trust anything..."
So how did the 'totally picked you at random' body cavity search go then?
Re:overly paranoid (Score:1, Funny)
This fool littered highway, where is it exactly? I've been doing this crap near on 20 years now and I've never had root lost.
What about shared?
Re:Outward facing systems ... (Score:4, Funny)
"DING DONG"
you: answer door; Hello?
guy: Hi I'm from linux, I'm here to install a critical patch.
you: huh? from where?
guy: linux, linus sent me, I need to patch your computers..
you: LINUS? REALLY?
guy: yes, here is my official linux ID, and we have a nice CD full of new unreleased software for your trouble...
Damn linux hackers are getting better and bolder every day.
Izzat a challenge? (Score:1, Funny)
Post your IP, then!
PS: mine is 127.0.0.1, kiddies.