Adam, Adam McMaster wrote:
> As for being attacked by botnets, what in the default Ubuntu install > would they be attacking? There are no services running... My experience of this is that Unix/Linux systems get compromised through a users password leaking somewhere. The last attack we saw the password was grabbed through a key-logger on an unpatched Windows system! Having said that, once a hacker has a user name/password they do not need to get root privilege to add your machine to a botnet. User level code can be run to launch distributed DOS attacks or to attempt to propagate the botnet code to other machines. A firewall that only protects against incoming connections does not help with this kind of attack as the botnet code often makes outgoing connections to a controlling node somewhere. The moral of this is keep your passwords secret and don't type them into untrusted machines. Also do not have the same password on more than one system, because if the hacker gets to one machine, he will get to them all (the incident I referred to above was on a set of Linux boxes all using Kerberos authentication as part of AFS. About a dozen or so machines were all compromised as a result. Regards, Tony. -- Tony Arnold, IT Security Coordinator, University of Manchester, IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL. T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039 E: [EMAIL PROTECTED], H: http://www.man.ac.uk/Tony.Arnold -- [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
