“Yes, that’s right, a cluster of Linux servers that were running
genuine websites had been hacked to include a secondary server
(nginx) to combine together as a botnet server. How did this
happen, you ask? Traditionally, desktop machines are turned into
botnet servers when the user unwittingly clicks on a URL that then
inserts the malicious code into the users machine. This is how, in
2006, over 20,000 Windows machines were turned into botnet servers.
But for this to happen to a Linux server? There is one explanation
— careless, lazy administration.“Anyone who has read any of my columns long enough knows how I
feel about Linux and its security. But even the security offered by
Linux isn’t enough. Because of Linux’s solid reputation, many Linux
administrators get their servers up and running and just leave them
alone. No updates, no security, no nothing. They just set them up
in a corner of a room and forget about them. “Set it and forget
it.” That was the catch phrase bandying about the Linux community
some time ago. But it’s an irresponsible idea.”
Linux botnet discovery points to lazy administrators
By
Jack Wallen
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis