Hi,
I'm interested in knowing if there are any certified 'infections' of linux distros into a 'botnet'.
Anybody want to venture on just how vulnerable or resistant linux is?
Thanks in advance for your input.
Matthew
My understanding is that all discovered Linux botnets were broken into manually; meaning somebody actually sat there, guessed/cracked the password, and installed their software. There is no automated worm that scans for Linux servers and is able to automatically break in and join them to the botnet, like there are for Windows; and more importantly, they don't use a flaw or exploit to gain access, but rely on the server being misconfigured.
This means that the skill required to create and manage a Linux botnet is much higher than a Windows one, and as such they are very uncommon.
There is no automated worm that scans for Linux servers and is able to automatically break in and join them to the botnet, like there are for Windows; and more importantly, they don't use a flaw or exploit to gain access, but rely on the server being misconfigured.
Admittedly, patches for this worm were released soon after its discovery. However, the lesson to be learned is that even a Linux machine can have a zero-day vulnerability waiting to be exploited.
You do realize that was nearly a decade ago...right?
I am well aware of the time frame.
Quote:
Originally Posted by MS3FGX
Plus this only affected servers running the exploitable version of BIND, and not the core OS itself (as many Windows exploits do).
I understand how the exploit worked. I also understand that programmers continue to make similar mistakes. As long as people continue to write new code, there will be zero day vulnerabilities, even on Linux. To believe otherwise is magical thinking.
Last edited by David1357; 02-19-2010 at 09:05 AM.
Reason: Added note about magical thinking