On Sat, 06 Oct 2007 20:41:18 +1300 Maurice Butler <[EMAIL PROTECTED]> wrote:
> EBAY: PHISHERS GETTING BETTER ORGANISED, USING LINUX > > http://s0.tx.co.nz/at/tep34n736205j130069i181588f2c285953a4t9s4z > > "The vast majority of the threats we saw were rootkitted Linux boxes, which > was rather startling. We expected Microsoft boxes," says CISO > This is, of course, b*ll*x. None of the linux boxes are rootkitted at all. The way that they work is to add a subdirectory to the existing url with their code. The usual way they get in - ftp logins aren't encrypted, so sniffing will work easily - and of course many people use ftp ( dreamweaver, etc ) to maintain their sites. The reason that linux is hit hardest: the equivalent hardware can support orders of magnitude more websites using linux/apache when compared to windows/iis - so of course they'll be using linux. It's the mom'n'pop websites that're being targeted by this kind of scam, and they just can't really be expected to be aware of this kind of attack. I wish our press actually knew what they were talking about at times ): Steve
