Security watchers are speculating that hackers familiar with the ways of the ninja may be attempting to construct a distributed denial of service (DDos) network on compromised Secure Shell Hosts (SSHs). Threads on security newsgroups have suggested that hackers may be . . .
Security watchers are speculating that hackers familiar with the ways of the ninja may be attempting to construct a distributed denial of service (DDos) network on compromised Secure Shell Hosts (SSHs). Threads on security newsgroups have suggested that hackers may be breaking into Linux boxes running the SSH1 protocol, using a known vulnerability in the SSH CRC32 (cyclic redundancy checksum) that was published late last month.

Writing on the BugTraq security mailing list yesterday William Salusky, of security firm DMZS, said: "It appears that someone may be building up a network of [potential] DDos hosts."

He explained that he had discovered a compromised Red Hat box that was being used as a central host for other 'zombie' machines, although it is not yet clear how the central server communicates with the zombies.

The link for this article located at vnunet.com is no longer available.