Technology news and Jobs 
Information Technology News Linux role in botnets studied
Information Technology News Linux role in botnets studied | Linux role in botnets studied |
|
| by Stephen Withers | |
| Thursday, 14 February 2008 | |
|
Page 1 of 2       
A six-year old Linux virus is still in circulation, and Sophos suspects the high uptime exhibited by servers (compared with the typical home or office Windows PC that spends much of the day switched off or asleep) makes them valuable to bot-herders as central control points. Over two-thirds of the malware infections suffered by Sophos's Linux honeypots involve Rst-B, which attempts to infect ELF (Executable and Linkable Format) binaries in the current working directory and in /bin, and to create a backdoor to the system. Sophos has created a detection tool specifically for this virus, and encourages administrators to use it and then forward any infected files to SophosLabs for analysis. "If you don't find Linux/Rst-B on your system, it's good news but obviously doesn't mean that you are not infected with something else, said Billy McCourt, SophosLabs UK. "I'd encourage you to at least do regular on-demand scans on your Linux box but ideally run an on-access scanner." A previous analysis by McCourt suggested that Rst-B infections are not being used by intruders to gain access to systems, rather they occur as a side-effect of already-infected hacking tools being downloaded onto servers once a foothold has been gained. CONTINUED |
| < Next story in category | Previous story in the category > |
|---|
