[CentOS] duqu
Les Mikesell
lesmikesell at gmail.com
Tue Dec 6 20:36:41 UTC 2011
On Tue, Dec 6, 2011 at 2:18 PM, Karanbir Singh <mail-lists at karan.org> wrote:
> On 12/06/2011 08:09 PM, Les Mikesell wrote:
>> Any luck on the specific attack path yet? The linked article
>> suggests Centos up to 5.5 was vulnerable.
>
> We dont have access to the actual machines that were broken into - so
> pretty much everything is second hand info.
>
> But based on what we know and what we have been told and what we have
> worked out ourselves as well, its almost certainly bruteforced ssh
> passwords.
So, coincidence that they were CentOS, and pre-5.6? Did they have
admins in common?
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list