[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 22 June 2010 20:37, Gordon Henderson <gordon+dcglug@xxxxxxxxxx> wrote: > And who says Linux isn't targetted by scammers, etc... Linux desktops aren't.. this is just run of the mill stuff you get when you plug any server into the internet. The main difference between Linux/UNIX and Windows servers historically has been : a) Quite a few "windows" of vulnerability for IIS/SQL Server/ASP/etc where servers or system software are shipped with unpatched vulnerabilities and you needed to keep your server behind a firewall blocking all services for hours or days until all the service packs and patches have been applied (at some points in the last few years tests have demonstrated a standard Windows Server install with no 3rd party software being compromised within **minutes** of being plugged into the internet) b) Windows servers provide a very standard profile to attack, even allowing for service packs and updates, but Linux distros and versions differ enough to break most pre-packaged exploit scripts such as the one provided. c) Linux (and windows to lesser degree) servers tend to be almost entirely compromised through 3rd party software vulnerabilities, usually in PHP web applications, rather than the system software itself. I've never had one of my Linux boxes compromised, despite a lot of hostile traffic targetting either weak ssh passwords or php applications/mis-configuration, even with out-of-the-box configuration left in place for weeks on some new servers. > I noticed this in a log-file earlier - I see this sort of thing regularly, > but thought I'd post one here for you: > .... > So there you go - Linux *is* being targetted and obvously the target above > is for some specific site running some specific version of some software, > but who knows! It's targetting a PHP app running on any *nix with GNU tools installed, could work (or not) as likely on solaris, freebsd or linux, even windows running servers via cygwin :) A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html