Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.security > #253
| Newsgroups | comp.os.linux.advocacy, comp.os.linux.security |
|---|---|
| From | JEDIDIAH <jedi@nomad.mishnet> |
| Subject | Re: SSHD rootkit heads up |
| References | <kg7m30$6su$1@dont-email.me> <kg85us$t04$1@dont-email.me> <5127b82b$0$11997$6e1ede2f@read.cnntp.org> |
| Message-ID | <slrnkifj0a.ldk.jedi@nomad.mishnet> (permalink) |
| Date | 2013-02-22 13:50 -0600 |
Cross-posted to 2 groups.
On 2013-02-22, Cola Zealot <Cola_Zealot@fuckoff.com> wrote:
> Lusotec wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Chris Ahlstrom wrote:
>>
>>> https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229
>>>
>>> SSHD rootkit in the wild
>>> Published: 2013-02-21,
>>> Last Updated: 2013-02-22 09:23:59 UTC
>>>
>>> There are a lot of discussions at the moment about a SSHD rootkit
>>> hitting mainly RPM based Linux distributions.
>>> Thanks to our reader unSpawn, we received a bunch of samples of
>>> the rootkit. The rootkit is actually a trojanized library that
>>> links with SSHD and does *a lot* of nasty things to the system.
>>
>> Here are some more interesting information on that.
>> http://www.webhostingtalk.com/showthread.php?t=1235797
>
> Yup, maybe Linux is insecure by design?
So that's why we're talking about rootkits here and not
malformed JPEG documents or bad websites...
[deletia]
You're like Typhoid Mary over there trying to screech that someone
else is some sort of biohazard.
--
"If I give you a pfennig, you will be one pfennig richer and
I'll be one pfennig poorer. But if I give you an idea, you will |||
have a new idea, but I shall still have it, too." / | \
~ Albert Einstein
Back to comp.os.linux.security | Previous | Next — Previous in thread | Next in thread | Find similar
Re: SSHD rootkit heads up Lusotec <nomail@nomail.not> - 2013-02-22 16:22 +0000
Re: SSHD rootkit heads up "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-22 19:27 +0100
Re: SSHD rootkit heads up JEDIDIAH <jedi@nomad.mishnet> - 2013-02-22 13:50 -0600
Re: SSHD rootkit heads up Snit <usenet@gallopinginsanity.com> - 2013-02-22 21:11 -0700
Proprietary software vulnerability causes rootkit injection Homer <usenet@slated.org> - 2013-02-23 03:57 +0000
Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 10:04 -0700
Re: Proprietary software vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-23 22:39 +0100
Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 15:25 -0700
Re: Proprietary software vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-24 11:34 +0100
Re: Proprietary software vulnerability causes rootkit injection fuyang <cei@mail.huafeng.cma.gov.cn> - 2013-02-24 14:00 +0100
Re: Linux vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-24 16:42 +0100
Re: Linux vulnerability causes rootkit injection Hadron<hadronquark@gmail.com> - 2013-02-24 16:48 +0100
Re: Linux vulnerability causes rootkit injection "Ezekiel" <zeke@nosuchemail.com> - 2013-02-24 10:55 -0500
Re: Linux vulnerability causes rootkit injection GreyCloud <mist@cumulus.com> - 2013-02-24 09:34 -0700
Re: Linux vulnerability causes rootkit injection Denis McMahon <denismfmcmahon@gmail.com> - 2013-03-07 05:45 +0000
Re: Linux vulnerability causes rootkit injection Jim Beard <jdbeard@patriot.net> - 2013-03-07 10:05 -0500
Re: Linux vulnerability causes rootkit injection GreyCloud <mist@cumulus.com> - 2013-03-07 12:36 -0700
csiph-web