Reply to post:

ACHTUNG! Scary Linux system backdoor turns boxes into DDoS droids


If it is some one/some bot brute forcing root using SSH, then the threat footprint has got to be pretty small. Isn't root disabled by default over SSH?

Its been awhile, about a year or so, since I switched from a Linux distribution to using FreeBSD and PC-BSD, but I'm pretty sure none of the major Linux distros will default to allowing something that stupid. So while it is a threat, its apparently not the nuclear apocalypse that some of my more excitable colleagues told me about earlier because most distributions won't allow that kind of behavior without being configured to do so, unless I'm gravely mistaken.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019