Why am I saying “Yeay!” about a Linux worm? Read on…
I’ve been a Linux fan for 15 years. Linux has always had good security and it is constantly improving. Much better than certain OTHER operating systems. We have always been proud of the lack of virus/worm infections in Linux. But there were always those who said that this was only because Linux was so small that nobody bothered to target it.
This hasn’t been true for a long time but now they definitely can’t say that anymore. Linux is big enough to be worth targeting. Not only that but Linux is big enough that they are targeting the very small and specific niche of Linux running on MIPS cpu devices!
In order to get infected by something like this you really have to open yourself up and let it in. This has always been the case for many years now and nothing new: If you allow root logins from the net and your root password is “root” you are going to be owned. Contrast that with another OS which recently only required that a specially malformed PDF merely get downloaded onto your machine (not even viewed) to become infected. But now there are enough Linux users out there that enough of them set things up with an ssh or telnet running on the WAN interface with a default or very simple guessable password that they are being actively targeted. Linux has hit the big time and this sort of “exploit” is still the best the worm authors can do.
Yeay!