Slashdot Mirror


Duqu Attackers Managed to Wipe C&C Servers

Trailrunner7 writes with an update in the saga of Duqu and Stuxnet. From the article: "Shortly after the first public reports about Duqu emerged in early autumn, the crew behind Duqu wiped out all of the command-and-control servers that had been in use up to that point, including some that had been used since 2009. An in-depth analysis of the known C&C servers used in the Duqu attacks has found that some of the servers were compromised as far back as 2009, and that the attackers clearly targeted Linux machines. All of the known Duqu C&C servers discovered up to this point have been running CentOS ... There also is some evidence that the attackers may have used a zero-day in OpenSSH 4.3 to compromise the C&C servers initially."

3 of 227 comments

  1. Re:This says it all for Linux "security" by jellomizer · Score: 2, Interesting

    Oh come on!
    If someone did a rant like this for Windows it would be moderated +5 Insightful.

    The Agenda here is to point out that Linux isn't the God of OS. It has its problems just like Windows and the others. As we giggle and glee when there is a Major Windows Issue, we like to discredit any Linux problem.

    It isn't that Windows is More Secure than Linux but there are too many people running Linux feeling invincible from all the world has to attack them.
    The biggest problem in IT Security isn't the OS it is the Dumb Ass who runs the systems.

    You can have a Windows Network running for years without a security issue. You can have a Linux network that is attacked daily. It is determined by the skill of the System Administrator.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  2. Re:This says it all for Linux "security" by Anonymous Coward · Score: 3, Interesting

    Current proof that Linux's NOT "invulnerable secure" yet again, & yes, that Linux does get targeted by malwares...

    Yeah, go for it! You keep at it, pal! You're beating your opponent so hard that the straw is leaking out!

    Seriously, nobody with any credibility has ever claimed that Linux is "invulnerable secure". The strongest argument usually made is that Linux is more secure than Windows, which was absolutely true when it was commonly being made 10 years ago. The debate has moved on. The claims you should be arguing against today are that Linux is better value-for-money on servers, and more secure than Windows specifically on the desktop.

    As for malware - well, a targeted attack probably by a nation-state is hardly the scenario people are thinking of when they say "Linux doesn't get viruses". The claim you should be fighting here is that Linux is less likely to be hit by drive-by malware or compromised at random by malicious websites. These claims are absolutely true; even if Linux is no more secure than Windows, it is still a much smaller and less attractive target, and therefore safer.

    But, hey, I'm getting in the way of you beating on your strawman, so I'll shut up now and let you keep on with your regularly scheduled trolling!

  3. Re:They didn't infect Kippo by Anonymous Coward · Score: 3, Interesting

    Same AC here.

    I actually rewrote many of the commands to appear more realistic. You can also change the output of various commands with a simple configuration change.

    I also implemented better wget/curl support along with the virtual FS so it appears to be more accurate.

    I agree about it being obvious to educated attackers. That's why I modified it. I enjoy watching the sessions on many of the servers I run for a large hosting company.