[ubuntu-uk] Phishing and linux

Mac Ammonius.Grammaticus at googlemail.com
Wed Oct 3 10:46:12 BST 2007

Alan Pope wrote:
> AIUI most compromised Windows boxes are due to user error, people not
> installing patches or firewalls on their windows desktops and laptops.
> AIUI most compromised Linux boxes are due to user error, people not
> installing patches for server apps and scripted applications on their
> Linux servers.
<big snip>
> If their specification during this witch-hunt was to look at the server
> space for compromised machines then _of_ _course_ they will find Linux
> boxen - as we know Linux is popular in the web/mail server space. These
> were possibly running dodgy old copies of apps like drupal and phpbb
> with naffed up xmlrpc implementations. 

Mark Harrison wrote:
> Anyone who goes around saying "Linux is secure, Windows isn't" is,
> I'm afraid, setting themselves up for a MASSIVE egg-on-face incident.
> What we CAN say is that "Ubuntu contains a good set of tools to keep 
> machines secure that are free. <snip>

Tony Arnold wrote:
> It's not clear to me from the article what was meant by 'machines
> used for phishing'.
> There are two aspects, the machines used to send out the millions of 
> e-mail messages for the initial phish and then there is the machine
> used to host the fake WEB site.

Al / Mark / Tony >>> I'm consoled!

I guessed the sample of machines examined might be biased;  and I should 
have remembered that most security breaches are due to bad practice by 
users regarding updates and patches.

But I also now appreciate the distinction between compromised machines 
that generate the spam and compromised web servers.  As Tony points out, 
the article conflates the two types (though whether the conflation is 
due to the reporting or the original is hard to say.)

Anyway, many thanks for the clarifications.


More information about the ubuntu-uk mailing list