brute force ssh attack
William Hooper
whooperhsd3 at earthlink.net
Thu Apr 28 13:11:18 UTC 2005
Matthew Miller wrote:
> On Thu, Apr 28, 2005 at 09:41:17AM +0100, Nigel Wade wrote:
>
>> For a virus to be viable it has to be communicable. In this instance
>> the virus required manual "injection". Hence the 0-49 infections in 3
>> years, and the virutally zero threat.
>
> But it wasn't quite manual -- happened through sloppy practices.
So it's on the same threat level as a bash script that does "rm -f /*".
If you can get someone to run an executable as root, then you can do just
about anything you want. The only exception would be if they did a good
job with SELinux, but if they did a good job with SELinux they wouldn't be
running unknown executables as root.
--
William Hooper
More information about the users
mailing list