Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Worm targets Linux routers

Mar 26, 2009, 17:31 (2 Talkback[s])
(Other stories by Gareth Halfacree)

"Because the worm relies on insecure passwords -- or devices which have not been reconfigured from their default settings -- the group claims that “ninety per cent of the routers and modems participating in this botnet are [doing so] due to user error." While it's always good advice to choose a very secure password for Internet-facing devices, it's unlikely that anyone reading a security blog needs telling.

"The payload of the worm is interesting: as well as allowing full remote control of the router via an IRC channel, the malware uses packet inspection techniques in an attempt to sniff traffic for usernames and passwords to web sites and e-mail accounts. The worm also attempts to resist disinfection by locking out telnet, SSH, and web access to the device's management functionality -- preventing the device from being flashed with a known-clean firmware."

Complete Story

Related Stories: