Linux News
The world is talking about GNU/Linux and Free/Open Source Software
Don't discount software distribution sites as attack vectors
|
Sendmail. Tcpdump. OpenSSH. In addition to being highly useful software products, the Internet sites used to distribute each of these tools were compromised by attackers over the last few years.
With control of the sites, the bad guys replaced the downloadable installation package for each tool with a "Trojanized" version that included a backdoor bundled in the package. By placing their evil versions on the normal, trusted sites enterprises relied on to download their tools, the bad guys had hit upon the ideal mechanism to propagate their malicious code -- duping systems administrators to take the bait and install their wares for them.
|
|
Full Story |
| Subject |
Topic Starter |
Replies |
Views |
Last Post |
| Microsoft compromised |
purplewizard |
2 |
1,080 |
Oct 12, 2005 6:51 AM |
You cannot post until you login.
