brute force ssh attack
Matthew Miller
mattdm at mattdm.org
Fri Apr 29 12:48:10 UTC 2005
On Fri, Apr 29, 2005 at 11:57:24AM +0100, Nigel Wade wrote:
> It was completely manual, the virus didn't install itself. It was injected
> by someone breaking in via ssh and then manually downloading an infected
> file. It's not like a STD, it's like a virus which can only be spread by
> direct injection.
That's the difference between a virus and a worm. It *does* have a mechanism
to spread between files on a machine, but doesn't have one to go between
machines without piggybacking on something else. (Which it did.)
> >Where are you getting your "0-49" number from?
> That's the number of infections quoted by Symantec.
Okay. Well, given that this is the second one in the wild I've seen, my
guess is that it's significantly higher than their guess. It's still not
widespread, but it'd be quite the freak of statistics if two of those 50
worldwide were cases I saw.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 72 degrees Fahrenheit.
More information about the users
mailing list