Re: duqu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Les Mikesell wrote:
> On Tue, Dec 6, 2011 at 2:18 PM, Karanbir Singh <mail-lists@xxxxxxxxx>
> wrote:
>> On 12/06/2011 08:09 PM, Les Mikesell wrote:
>>> Any luck on  the specific attack path yet?  The linked article
>>> suggests Centos up to 5.5 was vulnerable.
>>
>> We  dont have access to the actual machines that were broken into - so
>> pretty much everything is second hand info.
>>
>> But based on what we know and what we have been told and what we have
>> worked out ourselves as well, its almost certainly bruteforced ssh
>> passwords.
>
> So, coincidence that they were CentOS, and pre-5.6?   Did they have
> admins in common?

Just incompetent ones. I believe I remember a map on the article, and they
had one or more in Poland, and some in southeast Asia, etc.

         mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux