The first Linux botnet?

Recent reports have it that Linux has been infected by its first botnet. In one word: "Nah."

By sjvn

Has Linux security been breached? Are Linux systems in danger of being transformed into botnet zombies the way millions of Windows PCs have been? In a word: "Nah."

According to a report in The Register, a Russian security researcher, Denis Sinegubko, has discovered a cluster of infected Linux servers that have been corralled into a botnet, which is then used to distribute malware to Windows users.

Ah, Windows fans everywhere, I hate to break this to you, but compromised Linux servers have been used for ages to run Windows botnets. After all, if you had a couple of hundred thousand Windows PCs at your beck and call, would you use Windows to control them? Of course not!

Yes, Linux servers have been broken into manually. There is not, I repeat, is not, any malware that automatically converts Linux desktops or servers into virus-spreading boxes. All that has happened is that someone, as many others have in the past, has busted into improperly secured Linux servers.

I've said it before. I'll say it again. Security is a process, not a product.

I don't care if you're running Windows 7, Linux, or OS/2; if you don't keep your programs updated and use reasonable security, such as non-trivial passwords and basic firewalls, you're in danger of having your PC broken into.

The difference between the 100-node Linux machine cluster that Sinegubko found and real Windows botnets, which in 2006 averaged 20,000 PCs, is that Windows, which is insecure by design, can be made over into a bot by simply going to the wrong Web site or opening a corrupted e-mail.

The Linux servers, on the other hand, simply have lousy security. Sinegubko himself comments, "It just occurred to me that hackers may simply have root passwords from those hacked servers. After all, this iframe attack uses stolen FTP passwords to inject hidden iframes into legitimate web sites. So the chances are local computers of the server administrators were infected with spyware that steals FTP credentials, and the admins were dumb enough to use the root account for (S)FTP operations and even dumber to store their root passwords in FTP program settings."

This isn't bad security practice. This is "Fire the system administrator now," security.

So, in short, Linux remains as safe as ever from malware and Windows remains as vulnerable to malware as ever. But with good security, Linux and Windows can both be made much more secure, and with bad security practices, either can be broken into easily. Linux malware botnets, though? No, not yet, and I don't see it happening any time soon.

35 comments

Anonymous 1 year ago
Whether it's Linux or Windows, if you use reasonable security such as non-trivial passwords, basic firewalls and keep your programs updated, you will not be in danger.
Anonymous 2 years ago
Seriously... Are there no Linux PCs or web servers infected by botnets????
Anonymous 2 years ago
That seems to be the desire of the article. Please create a bot net for us too, we feel left out and unloved, if you don't abuse our users too!!!
Sharon Ortigas 20 weeks ago in reply to Anonymous
That's what happens when you don't do things correctly. You have a powerful OS and don't use the tools. Now if people could figure out how to use their PC correctly then I can stop receiving spam in my email.
Anonymous 2 years ago
I don't typically complain about grammar and spelling, in fact I usually hate those that do......But seriously some of you make my eyes bleed, post in your original language and I'll google translate it, might stop my eyes from bleeding....But anyway Amiga and C64 forever :-P
Anonymous 2 years ago
Is this an article, or a cut out from a 12 year old's blog?
Anonymous 2 years ago
I've used 15 years Windows and some 2 years Linux as workstation OS. And I've very clear opinion that Windows OS is very bad as workstation OS. I've had so bad experiences of Microsoft OS security that there is no doubt where the problem is looming. It's not just IE 6 or ActiveX. It's the whole hierarchy of this sick Windows. After two years of using Linux workstation (several computers with Ubuntu, Mint and Fedora) I can say (my experience) that Linux is much stable, much secure and generally much more reliable OS. So it's no wonder why these sick Windows computers are making the whole internet feeling sick. They are the cancer of internet.
Anonymous 2 years ago
I've used 15 years Windows and some 2 years Linux as workstation OS. And I've very clear opinion that Windows OS is very bad as workstation OS. I've had so bad experiences of Microsoft OS security that there is no doubt where the problem is looming. It's not just IE 6 or ActiveX. It's the whole hierarchy of this sick Windows. After two years of using Linux workstation (several computers with Ubuntu, Mint and Fedora) I can say (my experience) that Linux is much stable, much secure and generally much more reliable OS. So it's no wonder why these sick Windows computers are making the whole internet feeling sick. They are the cancer of internet.
Anonymous 2 years ago
If Windows is insecure by design then there are no Windows boxes outside botnets. If there are Windows boxes that are not members of any botnet, then what are we talking about?
Anonymous 2 years ago
Course Linux as a whole won't be used as a botnet. For the simple reason that there is no one Linux. Linux/Unix is an umbrella term for hundreds of different distros. To make a worm/virus for your botnet, you need to be able to hit thousands of computers rigged up in a reasonably similar fashion. What is interesting is that someone actually managed to make a botnet on Linux computers. Not using one as a control platform, that's easy. The botnet is harder. "So, in short, Linux remains as safe as ever from malware and Windows remains as vulnerable to malware as ever." I like the article, but drop the bias. You won't look as fanboyish and it will at least seem that you actually know something about security.
Anonymous 2 years ago

It seems like I've been reading this thread for the last 20 years. My 2 cents for what they are worth.

Just an aside but at what point did it become OK to not spell check or use even moderately proper grammar in a post while trying to come off sounding academic and/or intellectual? And the article itself... wow! Please proof read before posting.

BTW: I particularly like the way the Linux guys seem to always double post. Please see
"Problem is bad Windows desktops and their software" or "Microsoft knows that...".

The basic premise here that all sides need to remember is that the end user is the problem here and not the OS and always will be. No one is going to use a computer that makes things too hard or impossible to accomplish so any general purpose OS is going to be breakable by the end user.

To repeat: Security is a process not a product. Anyone that thinks that non-Windows desktops can't be hacked, as evidenced by the fact they currently aren't being hacked, is simply fooling themselves. They should be saying "there by the grace of God go I". The how-to hack Linux manual is the source code which is open. At least you have to guess at hacking Windows.

Please try to remember that when you're beating each other over the head OK? The us vs. them thing has gotten so old.

Anonymous 2 years ago
Might as well not even try since it's so much easier on Windows and much more effective.
Anonymous 2 years ago
All Unix derivatives benefit from an operating system conceived of and created by a vast network of knowledgeable computer professionals. With the exception of Paul Allen, Microsoft was led by a group of unwashed amateurs, Gates chief among them. These legacies still resonate in the respective products.
Anonymous 2 years ago in reply to Anonymous
Interesting comparison, I like it, except MS had a vision of nice computing for the average person, not computing for a PhD in Computer Science. Also, how the tide has turned, now MS employs 1000s of engineers/programmers and Linux is hacked together by Fanboys and amateurs. Linux is ok, I've tried a few Distros, compiled a kernel or two. Invariably I end up staring at the screen for a few minutes and then go back to Windows to do some work. Windows isn't perfect, but it isn't the big bad devil everyone makes it out to be. If more people used Linux then guaranteed there would be malware for it. Servers generally don't count because they are supposed to be security hardened (Windows or Linux). Desktop is where the problem comes in. Users are the single biggest point of failure on any system.
