"More interesting is that most of the compromised machines were not Windows machines. "The vast majority of [the phishing sites] we saw were on rootkit-ed Linux boxes, which was rather startling. We expected a predominance of Microsoft boxes and that wasn't the case."" http://tinyurl.com/36nfsm The above comments were made at a MS sponsored conference. MicroSoft has a history of sponsoring stuff like this. Even if it was an exaggeration - I've never heard of a big problem with Linux boxes getting root-kitted - is it something happenning under the radar? I've read over and over that Linux is much more secure than it's big counterpart - what sorts of vulnerabilities are people opening up to allow Linux machines to be root-kitted? I am aware of the ssh problem, and have followed the discussions on locking down ssh for years, including the other thread that's running currently. What other sorts of things must people do to open themselves up to being rootkitted? This is the first time I've seen such a claim, and it took me by surprise...so, I'm asking. -- Claude Jones Brunswick, MD, USA
