XOR DDOS Linux based

Verities Member Posts: 1,162
Doing some daily reading, I came across this widespread botnet targeting Linux boxes:

https://www.stateoftheinternet.com/resources-web-security-threat-advisories-2015-xor-ddos-attacks-linux-botnet-malware-removal-ddos-mitigation-yara-snort.html

"The malware spreads via Secure Shell (SSH) services susceptible to brute-force attacks due to weak passwords". The write-up details how to find it on your system and how to remove it.

Prevention tips:

-Turn off Root login

-Change SSH to a different port

-Use a strong password

-If baked into your flavor, don't turn off SELinux

If you have more tips, please add them.
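An added example, not part of the post above or of the linked advisory: a small audit of the tips that can be checked from configuration text, namely root login, the SSH port and SELinux, plus whether password logins are enabled at all (the case where the strong-password tip matters). It assumes the text comes from `/etc/ssh/sshd_config` and `/etc/selinux/config`; the sample contents and function names are constructed for illustration.

```python
# Added example; the sample file contents below are constructed, not from a real host.
SAMPLE_SSHD = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
Match User backup
    PermitRootLogin no
"""
SAMPLE_SELINUX = "SELINUX=disabled\nSELINUXTYPE=targeted\n"


def parse_sshd(text):
    """Return global sshd_config settings as {lowercased keyword: [values]}."""
    settings = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split keyword/value
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":  # Match blocks are conditional overrides; stop at the first
            break
        settings.setdefault(key, []).append(value)
    return settings


def audit_sshd(text):
    """Check root login, port, password logins (sshd takes the first value per keyword)."""
    s, findings = parse_sshd(text), []
    root = s.get("permitrootlogin", ["(unset, version default)"])[0].lower()
    if root != "no":
        findings.append(f"root login not disabled (PermitRootLogin {root})")
    if "22" in s.get("port", ["22"]):
        findings.append("sshd listens on default port 22")
    if s.get("passwordauthentication", ["yes"])[0].lower() != "no":
        findings.append("password logins enabled; every account needs a strong password")
    return findings


def audit_selinux(text):
    """Report any SELINUX= mode other than enforcing in /etc/selinux/config text."""
    for raw in text.splitlines():
        if raw.strip().startswith("SELINUX="):
            mode = raw.split("=", 1)[1].strip().lower()
            return [] if mode == "enforcing" else [f"SELinux mode is {mode}"]
    return ["no SELINUX= line found"]


if __name__ == "__main__":
    print("\n".join(audit_sshd(SAMPLE_SSHD) + audit_selinux(SAMPLE_SELINUX)))
```

The `PermitRootLogin no` inside the `Match` block does not count as a fix, because it only applies to sessions that match that block.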