Linux botnet discovery points to lazy administrators

"Yes, that's right, a cluster of Linux servers that were running genuine websites had been hacked to include a secondary server (nginx) to combine together as a botnet server. How did this happen, you ask? Traditionally, desktop machines are turned into botnet servers when the user unwittingly clicks on a URL that then inserts the malicious code into the users machine. This is how, in 2006, over 20,000 Windows machines were turned into botnet servers. But for this to happen to a Linux server? There is one explanation — careless, lazy administration.

"Anyone who has read any of my columns long enough knows how I feel about Linux and its security. But even the security offered by Linux isn't enough. Because of Linux's solid reputation, many Linux administrators get their servers up and running and just leave them alone. No updates, no security, no nothing. They just set them up in a corner of a room and forget about them. "Set it and forget it." That was the catch phrase bandying about the Linux community some time ago. But it's an irresponsible idea."

Complete Story

Related Stories:

• The First Linux Botnet?(Sep 13, 2009)
• Botnets must die(Aug 25, 2009)
• On Bugs, Viruses, Malware and Linux(Aug 19, 2009)
• What is a Botnet anyway?(Aug 14, 2009)
• Worm targets Linux routers(Mar 26, 2009)
• New worm infect Linux-based home modem/routers(Mar 25, 2009)
• Security and Your Mother's Linux Box(Jan 06, 2009)
• Editor's Note: What Linux Can Do That Those Big Proprietary Innovators Can't(Sep 19, 2008)