Re: duqu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




Dec 7, 2011 5:58 AM Lamar Owen <lowen@xxxxxxxx> 작성:

> On Tuesday, December 06, 2011 04:45:04 PM Johnny Hughes wrote:
>> If I had to guess, I would say that the attackers probably developed
>> their code on CentOS, so they were looking for a CentOS machine to
>> deploy their code on in the wild.  That would be why I would say CentOS
>> was the OS used.
> 
> I read the Kaspersky article and the comments, and the use of 'up2date' in the transcript could possibly point to someone used to upstream EL.  But it does illustrate three major points:
> 3.) Keep good passwords.  This can't be stressed enough: if your password was successfully brute-forced it is now in the brute-forcer's *dictionary* of passwords to try in the future and should never be used again, regardless of how secure it might seem.  I happen to have a copy of an older brute-forcer dictionary here (somewhere) and it's very large and has lots of very secure-seeming passwords in it.
> 
Why not don't allow root login from ssh? That's basic yet effective. 
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux