1 |
Peter Humphrey wrote: |
2 |
> I saw this today: |
3 |
> |
4 |
> https://linux.slashdot.org/story/20/08/13/174237/fbi-and-nsa-expose-new-linux-malware-drovorub-used-by-russian-state-hackers? |
5 |
> utm_source=slashdot&utm_medium=twitter |
6 |
> |
7 |
> Has anyone any more info? |
8 |
> |
9 |
|
10 |
|
11 |
It seems to affect only older kernels, before 3.7. So if you are above |
12 |
that, which I would think most Gentoo users would at least be in the 4 |
13 |
range or higher, then you should be OK. I checked and the oldest kernel |
14 |
version is 4.4 here. That's for gentoo-sources. Of course, one could |
15 |
download the original kernel sources I guess. |
16 |
|
17 |
That said, I've read that some old servers that are rarely if ever |
18 |
shutdown, may be running kernels that old or even older. I'd think they |
19 |
would be old systems but if they are servers with fast internet |
20 |
connections, those would be a good target. One would hope tho that they |
21 |
are admin'ed by people who can notice the hack and correct it or have |
22 |
other means to prevent it in the first place. |
23 |
|
24 |
How does one know if they are hacked tho? Is there a tool to run? I'm |
25 |
not worried about myself since I'd be a really bad target for it but |
26 |
others might want to know. |
27 |
|
28 |
Dale |
29 |
|
30 |
:-) :-) |