Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Anatomy of a Unix breach

Aug 01, 2011, 20:00 (2 Talkback[s])

"The whole breach of Will's server started via a password guessing attack against SSH. We have covered this risk repeatedly in ISC diaries. Once the bad guys were in, they ran the commands below, and then apparently used the just installed IRC bots to continue scanning for SSH ports on other systems.

Phase#1: The bad guy tries to find out more about the box he just broke into


uptime
uname -a
w
ifconfig

Phase#2: Bad guy downloads all the Linux root exploits that he has, and just run them, hoping for a lucky break.

Complete Story

Related Stories: