Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.advocacy > #165996

Re: SSHD rootkit heads up

Newsgroups comp.os.linux.advocacy, comp.os.linux.security
From JEDIDIAH <jedi@nomad.mishnet>
Subject Re: SSHD rootkit heads up
References <kg7m30$6su$1@dont-email.me> <kg85us$t04$1@dont-email.me> <5127b82b$0$11997$6e1ede2f@read.cnntp.org>
Message-ID <slrnkifj0a.ldk.jedi@nomad.mishnet> (permalink)
Date 2013-02-22 13:50 -0600

Cross-posted to 2 groups.

Show all headers | View raw

On 2013-02-22, Cola Zealot <Cola_Zealot@fuckoff.com> wrote:
> Lusotec wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>> 
>> Chris Ahlstrom wrote:
>> 
>>>    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229
>>> 
>>>    SSHD rootkit in the wild
>>>    Published: 2013-02-21,
>>>    Last Updated: 2013-02-22 09:23:59 UTC
>>> 
>>>    There are a lot of discussions at the moment about a SSHD rootkit
>>>    hitting mainly RPM based Linux distributions.
>>>    Thanks to our reader unSpawn, we received a bunch of samples of
>>>    the rootkit. The rootkit is actually a trojanized library that
>>>    links with SSHD and does *a lot* of nasty things to the system.
>> 
>> Here are some more interesting information on that.
>> http://www.webhostingtalk.com/showthread.php?t=1235797
>
> Yup, maybe Linux is insecure by design?

   So that's why we're talking about rootkits here and not
malformed JPEG documents or bad websites...

[deletia]

   You're like Typhoid Mary over there trying to screech that someone
else is some sort of biohazard.

-- 
    "If I give you a pfennig, you will be one pfennig richer and     
    I'll be one pfennig poorer. But if I give you an idea, you will     |||
    have a new idea, but I shall still have it, too."                  / | \
~ Albert Einstein

Back to comp.os.linux.advocacy | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

SSHD rootkit heads up Chris Ahlstrom <OFeem1987@teleworm.us> - 2013-02-22 06:51 -0500
  Re: SSHD rootkit heads up chrisv <chrisv@nospam.invalid> - 2013-02-22 09:29 -0600
  Re: SSHD rootkit heads up Lusotec <nomail@nomail.not> - 2013-02-22 16:22 +0000
    Re: SSHD rootkit heads up "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-22 19:27 +0100
      Re: SSHD rootkit heads up JEDIDIAH <jedi@nomad.mishnet> - 2013-02-22 13:50 -0600
        Re: SSHD rootkit heads up DFS <nospam@dfs.com> - 2013-02-22 15:11 -0500
        Re: SSHD rootkit heads up Snit <usenet@gallopinginsanity.com> - 2013-02-22 21:11 -0700
      Re: SSHD rootkit heads up RayLopez99 <raylopez88@gmail.com> - 2013-02-22 16:07 -0800
    Proprietary software vulnerability causes rootkit injection Homer <usenet@slated.org> - 2013-02-23 03:57 +0000
      Re: Proprietary software vulnerability causes rootkit injection TomB <tommy.bongaerts@gmail.com> - 2013-02-23 06:46 +0000
        Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 10:03 -0700
          Re: Proprietary software vulnerability causes rootkit injection TomB <tommy.bongaerts@gmail.com> - 2013-02-24 10:44 +0000
        No conclusive evidence as to what causes rootkit injection "Ezekiel" <zeke@nosuchemail.com> - 2013-02-23 18:05 -0500
          Re: No conclusive evidence as to what causes rootkit injection TomB <tommy.bongaerts@gmail.com> - 2013-02-24 10:26 +0000
            Re: No conclusive evidence as to what causes rootkit injection "Ezekiel" <zeke@nosuchemail.com> - 2013-02-24 08:29 -0500
      Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 10:04 -0700
        Re: Proprietary software vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-23 22:39 +0100
          Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 15:25 -0700
            Re: Proprietary software vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-24 11:34 +0100
              Re: Proprietary software vulnerability causes rootkit injection fuyang <cei@mail.huafeng.cma.gov.cn> - 2013-02-24 14:00 +0100
                Re: Linux vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-24 16:42 +0100
                Re: Linux vulnerability causes rootkit injection Hadron<hadronquark@gmail.com> - 2013-02-24 16:48 +0100
                Re: Linux vulnerability causes rootkit injection "Ezekiel" <zeke@nosuchemail.com> - 2013-02-24 10:55 -0500
                Re: Linux vulnerability causes rootkit injection GreyCloud <mist@cumulus.com> - 2013-02-24 09:34 -0700
  Re: SSHD rootkit heads up TomB <tommy.bongaerts@gmail.com> - 2013-02-22 17:56 +0000
  Re: SSHD rootkit heads up owl <owl@rooftop.invalid> - 2013-02-22 19:51 +0000

csiph-web