brute force ssh attack
Matthew Miller
mattdm at mattdm.org
Wed Apr 27 21:14:37 UTC 2005
On Wed, Apr 27, 2005 at 05:21:45PM +0100, Nigel Wade wrote:
> >Looks like it spread to root from a user account in this case. Threat is
> >obviously somewhat greater than 0. Caution and good practices are still
> >required.
> There's no evidence that the virus escalated its own privilege. More likely
> that a root process executed an infected binary.
I agree -- and that's exactly why this shouldn't be dismissed as "0 threat".
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 80 degrees Fahrenheit.
More information about the users
mailing list