[ale] Linux Ransom-ware

[Jim Kinney]

Granted, apache starts as root to claim ports 89  and 443 then drops root
and runs as unprivileged apache user. It's done this by default for over a
decade. Only a total noob blindly pasting commands from forums for noobs
will have an all root apache. Or someone who compile apache themselves and
had all the security flags wrong.
On Nov 9, 2015 9:37 AM, "Charles Shapiro" <hooterpincher at gmail.com> wrote:

> Am I reading this right?  You have to be running Apache as root to be
> vulnerable?
>
> t’s worth noting that the malware requires the compromised user account on
> the Linux system to be an administrator; operating Web servers and Web
> services as administrator is generally considered poor security form, and
> threats like this one just reinforce why.
>
> On Mon, Nov 9, 2015 at 5:53 AM, Leam Hall <leamhall at gmail.com> wrote:
>
>> On 11/09/15 04:35, DJ-Pfulio wrote:
>>
>>> Linux Ransom-ware is out looking for ways to attack and encrypt your
>>> systems:
>>>
>>> https://krebsonsecurity.com/2015/11/ransomware-now-gunning-for-your-web-sites/
>>>
>>> Good news: They only want 1 bitcoin as payment.
>>>
>>> Bad news: 1 BC is about US$420 and the unlock process doesn't put
>>> everything back exactly like it was.
>>>
>>
>> Good news; we're all now reminded to back up our files and sites.  :)
>>
>> Leam
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20151109/063ddcc8/attachment.html>