They don't describe how the initial attack/infection happened. They only describe how after infected, the machine is controlled.
Seems useless as a news article. Makes me wonder what kind of traffic they could be trying to get you to filter out. The only seemingly actionable item they gave is watch all SSH traffic for that pattern and then possibly drop the connection? ----- Original Message ----- > Any comments about this little item? > > <http://www.linux-magazine.com/Online/News/Sneaky-New-Linux-Attack-Discovered-in-the-Wild> -- Steven Critchfield [email protected] -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
