[PLUG] Got hacked last night - HELP!

Russ Johnson russj at dimstar.net
Mon Oct 4 16:17:02 UTC 2004


Bill Thoen wrote:

>Well, lucky me. My RH 8 box got hacked again. That makes Linux just as 
>insecure as Windows.
>
How do you figure?

It appears you were running insecurely configured services on your 
system. That's your fault, not the operating systems.

ANY operating system is insecure when it's operated in a manner that 
allows crackers to penetrate.

In other words, don't blame the OS when it's the operator that's at 
fault. Even then, it's not the "OS" that's at fault. It's the ssh 
service, or so it appears. Configure it so it's more secure, and this 
won't happen. Any time you are running a service on the internet, it's 
your responsibility to keep up to date on what vulnerabilities are out 
there with regards to what services you are running on your system.

Not trying to be harsh, but this is a common misconception.

WRT Redhats updates and whatnot, if you don't like how they are doing 
things, maybe it's time to consider a different distribution.

Since your logs indicate that this entire episode happened within the 
space of 10 minutes, I'd suspect it was a script. This indicates that 
the vulnerability that was exploited was well known.

Russ




More information about the PLUG mailing list