>>> Saint Michael <venefax@xxxxxxxxx> schrieb am 13.06.2021 um 15:32 in Nachricht <CAC9cSOCyDbO9e-rZhQ0jVkKDEanF+DRX6BfPaqOqj3yuBtf0Gw@xxxxxxxxxxxxxx>: > One of the most dramatic hacks to 50+ servers of mine is a bitcoin miner, > xmrig. It installs a service file at /etc/systemd/system, enables it and > kills the machine. > Nobody knows how it propagates. I think that SSHD has been broken in a > foreign land or they just brute-force any machine where > passwordautorization=yes. > The point is, for this list, how can I prevent systemd from adding ANY new > service at all. I am thinking to add chattr +i to /etc/systemd/system, but > want to know if this makes any sense or if there is a better way to do this. The better solution would have been to pick a stronger password IMHO. > Philip _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Antw: [EXT] Block systemd from adding new services
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Antw: [EXT] Block systemd from adding new services
- From: "Ulrich Windl" <Ulrich.Windl@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 14 Jun 2021 10:05:25 +0200
- In-reply-to: <CAC9cSOCyDbO9e-rZhQ0jVkKDEanF+DRX6BfPaqOqj3yuBtf0Gw@mail.gmail.com>
- References: <CAC9cSOCyDbO9e-rZhQ0jVkKDEanF+DRX6BfPaqOqj3yuBtf0Gw@mail.gmail.com>
- Follow-Ups:
- Re: Antw: [EXT] Block systemd from adding new services
- From: Andy Pieters
- Re: Antw: [EXT] Block systemd from adding new services
- References:
- Block systemd from adding new services
- From: Saint Michael
- Block systemd from adding new services
- Prev by Date: Re: Are Pathnames in /tmp/systemd-private-foo predictable?
- Next by Date: Re: Are Pathnames in /tmp/systemd-private-foo predictable?
- Previous by thread: Re: Block systemd from adding new services
- Next by thread: Re: Antw: [EXT] Block systemd from adding new services
- Index(es):
 |