malwaremustdie LQ Newbie

Registered: Jun 2014 Location: /dev/random Distribution: minix3 Posts: 12

Original Poster

I've been working in NIX OS for 21 years now. I started MMD to fight malware of all kinds, but I did not see ELF malware handled fairly the same as the Windows ones, generally speaking.

I know how it feels to be a sysadmin since I've been one of you in the field, and I know how badly ELF malware can ruin our weekdays or weekends too. I know how tight the budget is, and I also know how costly server-side protection is if we consider buying one... yet the information is so limited.



So I have dedicated most of my time to ELF recently, until the overall mitigation scheme works better.



The links I posted up there are recent case reports and analyses; the attack sources recently are mostly China, except Linux/Mayhem, which is Ukraine-based.



I saw the infection source or malware web panel and was surprised at the huge numbers of downloads, especially the ones that ride on the shellshock infection scheme (this vulnerability really kicks). Also the Elasticsearch exploit and of course the weak SSH force entries.



So I just think maybe there are more admins hit; this is why I asked. You can click on every link I posted safely, I mean no harm. If you can comment with your cases it will be so wonderful.

We NEED more ways to mitigate the infection, like setting some directories under specific permissions, hardening SELinux at some points, running md5sum checks regularly for new changes in files, and so on.



Come on, friends, we cannot fight these alone; let's fight this bad stuff together.



MalwareMustDie

Last edited by malwaremustdie; 07-04-2015 at 09:51 AM.