Sunday May 29th 2016

Linux botnet discovery worry

Bad guys have created a botnet of Linux Web servers. In a way, that’s even more frightening than regular botnets of compromised Windows PCs. Bloggers ask if this is the end for Linux’s claim to be more secure than Windows; or is it just a load of old hokum?

Your humble blogwatcher selected these bloggy morsels for your enjoyment. Not to mention another classic Photoshop disaster…

Dan Goodin warns of a “Linux botnet”:

A security researcher has discovered a cluster of infected Linux servers that have been corralled into a special ops botnet of sorts and used to distribute malware. … The infected machines … serve legitimate traffic on port 80, the standard TCP port used by websites. Behind the scenes, the rogue server sends malicious traffic over port 8080.

Malicious payloads are then delivered with the help of dynamic DNS hosting providers, which offer free domain names that are mapped to the IP address of the zombie webserver. … With about 100 nodes, the network is relatively small, making it unclear exactly what the attackers’ intentions are. All of the boxes examined so far have run the Apache webserver on various distributions of Linux.

Linux botnets 1
Windows botnets 4579421634^2

It has 100 nodes and this puts Linux on the same level as Windows? These 100 machines were probably improperly configured or not running the latest security patches.

