this post was submitted on 10 Jan 2024
22 points (61.7% liked)

Technology

76278 readers
3116 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
22
Linux devices are under attack by a never-before-seen worm (arstechnica.com)
submitted 2 years ago by SJSmith@lemmy.world to c/technology@lemmy.world
7 comments fedilink hide all child comments
top 7 comments
sorted by: hot top controversial new old
[–] mlfh@lemmy.ml 56 points 2 years ago (1 children)

This is just an attack that attempts common username/password combinations on ssh, and the article even states that the worm is dime-a-dozen. Unless you have both password auth enabled and an available account with an easily guessable password (and if you have either you should change that), this is nothing to worry about, even with sshd available to the internet.

Sensationalist title.

[–] knobbysideup@sh.itjust.works 1 points 2 years ago

Prevention, as always, is much easier than a cure.

[–] linearchaos@lemmy.world 17 points 2 years ago

A million attacks a day have done this for the past 20 years. ssh + bad password is so old it can drink in the US.

ssh-keygen is your friend, pretty much no reason not to use it.

[–] CyberSeeker@discuss.tchncs.de 13 points 2 years ago* (last edited 2 years ago)

Linux device attacks preventable by standard security precautions

[–] cmnybo@discuss.tchncs.de 6 points 2 years ago (1 children)

This is why you don't allow password login for SSH, especially not on systems that are accessible from the internet.

[–] cyberpunk007@lemmy.world 2 points 2 years ago

This might as well be an article about windows systems exposing RDP to the internet.

[–] 21Cabbage@lemmynsfw.com 3 points 2 years ago

One would assume it wouldn't have been seen before, be weird if a patch got pushed and all of a sudden an old virus came back out of the archives like that permafrost thing people are paranoid about.