Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: What is a Botnet anyway?

Hash: SHA1

____/ Sermo Malifer on Saturday 15 August 2009 10:21 : \____

> On Fri, 2009-08-14 at 16:26 -0700, nessuno wrote:
>> <Quote>
>> Botnets are networks of Windows PC, which have been taken over by
>> malware programs. While it's theoretically possible that a Mac or a
>> Linux desktop PC could get a botnet malware bug, in practice, their
>> better security makes them harder targets for botnet creators so they
>> avoid them.
>> </Quote>
>> http://www.itworld.com/security/74656/what-botnet-anyway
> Cracked Linux Boxes Used to Wield Windows Botnets
> Posted by Zonk on Fri Oct 05, 2007 08:43 AM
> from the good-alliteration-but-scary-concept dept.
> Security The Internet Linux
> m-stone writes
> "Online auction house eBay recently did a threat assessment to better
> understand the forces ranging against them. The company is keeping the
> fine details under wraps, but the biggest source of danger for the
> company is apparently botnets. You're never going to guess who was
> running them. '[Dave Cullinane, eBay's chief information and security
> officer] noticed an unusual trend when taking down phishing sites. 'The
> vast majority of the threats we saw were rootkitted Linux boxes, which
> was rather startling. We expected Microsoft boxes,' he said. Rootkit
> software covers the tracks of the attackers and can be extremely
> difficult to detect. According to Cullinane, none of the Linux operators
> whose machines had been compromised were even aware they'd been
> infected. Because Linux is highly reliable and a great platform for
> running server software, Linux machines are desired by phishers, who set
> up fake websites, hoping to lure victims into disclosing their
> passwords."
> http://it.slashdot.org/article.pl?sid=07/10/05/1234217

That's not a botnet. These are servers that can be compromised by some bad
programs that are installed on them. A virus is one that replicates.
> The First Linux Botnet
> Linux seems to be a great platform for these little embedded devices.
> Itâs small enough that it can fit in economical hardware, portable
> enough that you can put it on almost any processor and platform, and
> itâs got great networking tools. This particular bot runs on Linux
> Mipsel devices (âMipselâ is the port of Debian Linux on MIPS
> processors). More here
>         Theyâre calling it the first botnet designed for broadband
>         equipment and routers, and that it is. But itâs the first of
>         something else: psyb0t, the first Linux botnet.
> http://www.debian-news.net/2009/03/24/the-first-linux-botnet/

Embedded systems can be tricky to patch. Any embedded OS with some extra
software on top of it, unless properly maintained, can have some remotely
exploitable flaws. Linux has very few such flaws*. Microsoft had at least 5
this month alone and OpenBSD had only like 2 in its very long history.

*Privilege escalation is local, yet the press makes so much noise about it.

- -- 
                ~~ Best of wishes

I've seen Sun monitors on fire off the side of the multimedia lab. I've seen
NTU lights glitter in the dark near the Mail Gate. All these things will be
lost in time, like the root partition last week. Time to die... -- P. Gutmann
http://Schestowitz.com  |  Open Prospects   |     PGP-Key: 0x74572E8E
Tasks: 140 total,   1 running, 139 sleeping,   0 stopped,   0 zombie
      http://iuron.com - knowledge engine, not a search engine
Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index