Submission + - Sloppy Linux Admins Enable Slow Bruteforcers (blogspot.com) 1

Submitted by badger.foo on Sunday October 04, 2009 @04:34PM

badger.foo writes: Peter N. M. Hansteen reports that a third round of the low-intensity, distributed bruteforce attacks is now in progress, and that sloppy admin practices on Linux systems is the main enabler: The fact that your rig runs Linux does not mean you're home free. You need to keep paying attention. When your spam washer has been hijacked and tries to break into other people's systems, you urgently need to get your act together, right now. The article has more info and references.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Sloppy Linux Admins Enable Slow Bruteforcers

Load All Comments

Search 1 Comments Log In/Create an Account

Comments Filter:

nonstop for years (Score:2)

by treat ( 84622 ) writes:

Although my linux firewall has always been subjected to random brute-force attacks, the pattern of the attacks is somewhat different than it used to be. More attempts of varying usernames, or slow attempts to log in as root.
Interestingly when I tried to modify sshd to not log passwords when attempts are made on bogus accounts, I found that the code was so obfuscated/abstracted that there was no clear place to modify the daemon to log passwords. I quickly decided it wasn't worth it, although I don't understa

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

The primary function of the design engineer is to make things difficult for the fabricator and impossible for the serviceman.

Submission + - Sloppy Linux Admins Enable Slow Bruteforcers (blogspot.com) 1

Sloppy Linux Admins Enable Slow Bruteforcers More Login

Sloppy Linux Admins Enable Slow Bruteforcers

nonstop for years (Score:2)

Slashdot Top Deals

Slashdot