[linux-elitists] RedHat drops the other shoe

Eugen Leitl eugen@leitl.org
Thu Feb 27 10:35:02 PST 2003


On Thu, 27 Feb 2003, Greg KH wrote:

> They will just have to download and apply them like everyone used to
> before they came up with up2date.  Can't expect to get ease of use for
> free anymore these days :)

98% of users won't do this because they're not aware of the problem or are
too busy, and thus we'll see a further rise in *nix worms. My old 7.1
RedHat home server was h4x0red/rootkited through an SSL and/or SSH
vulnerability a month or two ago. The worm (the source was interesting
reading; it was a work in progress (prepared for Windows though for now
Linux-only), fairly modular so invingint exploit splugins) was DDoSing
when I caught it. Killing the worm and closing port 80 (the scanner first
looks on 80 and then https standard port) didn't work due to a rootkit.




More information about the linux-elitists mailing list