September 14th, 2009
The Linux botweb story that wasn't ...
Late last Friday a story appeared on my radar that seemed interesting - it was about a botweb (a botnet made up of web servers) utilizing Linux web servers. Was Linux cracked? Would Linux fans have to wind in all their security bragging? Was the Linux fortress wall breached? Was the sky falling in?
Short answer, no.
Slightly longer answer, no, no, no and no.
If there was a way that hackers could crack Linux web servers and use them to create an huge botweb, then that would be a very big deal indeed. Botwebs, since they use web servers rather than zombie home or office PCs, make a far more effective botnet since they have a better connection to the internet. The idea of millions of compromised Linux web servers causing all sorts of mayhem isn’t a pretty picture.
Which is why the story was interesting.
But alas, this story doesn’t have anything to do with Linux hacks, but instead comes down to basic security, or the lack of it. It seems that the hack comes down to bad passwords. Hackers regularly sweep the web looking for vulnerable systems, which is why good passwords are vital. If your passwords are weak then the system can, and eventually will, be compromised. It doesn’t matter if it’s Windows-based or Linux-based.
Normal “Linux is more secure than Windows” bragging can resume …
Adrian is a technology journalist and author who has devoted over a decade to helping users get the most from technology. He also runs a popular blog called The PC Doctor. See his full profile and disclosure of his industry affiliations
Want to get in touch? Got a tip? Feel free to drop me a note! I ALWAYS respect anonymity. I'm also on Twitter (@the_pc_doc)
Right to Reply: Should any industry representatives wish to comment on any posts on Hardware 2.0, I will be happy to publish their reply verbatim on this blog.
Subscribe to Hardware 2.0 via Email alerts or RSS.
