Researchers have documented an ongoing criminal operation infecting more than 10,000 Unix and Linux servers with malware that sends spam and redirects end users to malicious Web pages.
Windigo, as the attack campaign has been dubbed, has been active since 2011 and has compromised systems belonging to the Linux Foundation's kernel.org and the developers of the cPanel Web hosting control panel, according to a detailed report published Tuesday by researchers from antivirus provider Eset. During its 36-month run, Windigo has compromised more than 25,000 servers with robust malware that sends more than 35 million spam messages a day and exposes Windows-based Web visitors to drive-by malware attacks. It also feeds people running any type of computer banner ads for porn services.
The Eset researchers, who have been instrumental in uncovering similar campaigns compromising large numbers of servers running the nginx, Lighttpd, and Apache Web servers, said the latest campaign has the potential to inflict significant harm on the Internet at large. They explained:
The number of systems affected by Operation Windigo might seem small when compared with recent malware outbreaks where millions of desktops are infected. It is important to keep in mind that, in this case, each infected system is a server. These usually offer services to numerous users and are equipped with far more resources in terms of bandwidth, storage and computation power than normal personal computers. A denial of service attack or a spam-sending operation using one thousand servers is going to be far more effective than the same operation performed with the same number of desktop computers.
With passwords becoming inherently insecure nowadays, I decided to add an extra layer of security by using the Textlocal One-Time Password API (it's so new I haven't been able to get it documented yet).
One-Time Passwords are unique codes sent to a trusted mobile device; the code can then be checked, and access allowed or denied based on the response.
This is pretty awesome considering the code cannot be guessed, expires after 24 hours, can only be used once, and is separate from the service which is requiring the authentication.
Like I said, I decided to add One-Time Passwords to my Linux server. To do this, I added the following code to the bottom of my user's (my user, since no other users have SSH access)
trap logout INT
# tlrequest holds the POST fields for otp_send; its definition is not shown in the post
curl -s -d "$tlrequest" http://api.txtlocal.com/otp_send >/dev/null 2>&1
echo "A One-time password has been sent to your device. Please enter it below followed by [enter]:"
read -r otp
check=$(curl -s "http://api.txtlocal.com/otp_challenge/?username=**EMAIL**&password=**PASS**&numbers=**NUMBER**&code=$otp" 2>/dev/null)
if [[ $check == *uccess* ]]
then
    echo "OTP Validated."
else
    echo "OTP Invalid. Disconnecting."
    logout
fi
To make the code work, you will need:
1. A Textlocal account
2. Change **EMAIL** to your email address
3. Change **PASS** to your Textlocal password or hash
4. Change **NUMBER** to your mobile number (e.g. 447000000000)
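An added example, not part of the original post: a variant of the challenge step that keeps the credentials out of the profile script and out of curl's argument list, rejects anything but digits before it reaches the request, and denies the login on any error. The helper names, the `~/.otp_credentials` file with its three-line layout, and the 4-10 digit code format are assumptions; the endpoint and field names are the ones in the post.

```bash
#!/bin/bash
# Added example. Helper names, the credentials file and the digit rule are assumptions.
OTP_URL="http://api.txtlocal.com/otp_challenge/"   # endpoint as given in the post

# Accept only 4-10 ASCII digits (assumed format; the post does not state one).
otp_valid_format() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -ge 4 ] && [ "${#1}" -le 10 ]
}

# Escape backslash and double quote for a quoted curl config value.
cfg_escape() { printf '%s' "$1" | sed 's/[\\"]/\\&/g'; }

# Print curl config lines for the challenge request.
# $1: credentials file (line 1 username, line 2 password or hash, line 3 number)
# $2: code typed by the user
otp_curl_config() {
    perms=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ] || { echo "refusing $1: group/other access" >&2; return 2; }
    otp_valid_format "$2" || { echo "malformed code" >&2; return 3; }
    { IFS= read -r user; IFS= read -r pass; IFS= read -r number; } < "$1"
    printf 'data-urlencode = "username=%s"\n' "$(cfg_escape "$user")"
    printf 'data-urlencode = "password=%s"\n' "$(cfg_escape "$pass")"
    printf 'data-urlencode = "numbers=%s"\n' "$(cfg_escape "$number")"
    printf 'data-urlencode = "code=%s"\n' "$2"
}

# Gate for the end of the login profile: any failure (bad file, malformed code,
# network error, non-success reply) is treated as a denial.
otp_gate() {
    printf 'One-time password: '
    IFS= read -r otp || return 1
    cfg=$(otp_curl_config "$HOME/.otp_credentials" "$otp") || return 1
    # -K - reads the fields from stdin, so they never appear in the process list.
    check=$(printf '%s\n' "$cfg" | curl -s -G --max-time 10 -K - "$OTP_URL" 2>/dev/null) || return 1
    case "$check" in *uccess*) return 0 ;; *) return 1 ;; esac
}
# In the profile: otp_gate || { echo "OTP Invalid. Disconnecting."; exit 1; }
```

The success test is still the post's substring match, because the post does not show the API's reply format.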
Monitor server resources
System administrators need to monitor their servers to ensure proper functioning. The practice enables administrators to detect possible issues in advance and recover the system before it causes any trouble. There are plenty of commands on Linux to monitor different system resources like CPU usage, memory usage, network, disk usage and so on. Popular ones are top, htop, iostat, nethogs etc. In this post we are talking about simple command line tools that can monitor multiple system resources like CPU, memory, network, disk, processes etc. all together...
CPU hardware information
The CPU information includes details about the processor, like the architecture, vendor name, model, number of cores, speed of each core etc. There are quite a few commands on Linux to get those details about the CPU hardware, and here is a brief about some of the commands. 1. /proc/cpuinfo The...
Secure copy
Scp (Secure Copy) is a command line tool to copy or transfer files across hosts. It uses the same kind of security mechanism as the ssh program. In fact, it uses an ssh connection in the background to perform the file transfer. scp refers both to the "protocol" that defines how secure copy should work and the "program" (command) which is installed as a part of the OpenSSH suite of tools. In this quick tutorial we shall look at a few examples of the scp command and how it can be...
The linux terminal is not always dull and boring. There are commands to make it do some funny acts to entertain the user. Here is a small collection of such commands. 1. Cowsay Install cowsay with apt. $ sudo apt-get install cowsay Cowsay is a talking cow that will speak out anything you want it to. $ cowsay "Hi, How are...
Saidar
For a system admin, it's always exciting to learn new commands to monitor system resources, and here is a new one. It's called Saidar and is a very small tool. Even simpler than and . It displays a small screen full of statistics on a variety of system resources that you might want to monitor. Saidar is a part of the libstatgrab...
As a Linux sysadmin, it feels powerful to monitor system resources like CPU and memory on the command line. Peeking inside the system is a good habit, at least here, because that's one way of keeping your Linux system safe. Plenty of tools like Htop, Nmon, Collectl, top and iotop etc. help you accomplish the task. Today let's try another tool called Glances.
Glances
Glances is a tool similar to that has a very compact display to provide a complete overview of different system resources on just...
I recently read that SSH keys provide a secure way of logging into a Linux and Unix-based server. How do I set up SSH keys on a Linux or Unix based systems? In SSH for Linux/Unix, how do I set up public key authentication?
Before rolling out the analysis, it's important to understand the technology. Microsoft Lync 2013 helps connect to multiple people across different operating systems and mobile devices. As a unified enterprise-ready communications platform, it enables an environment that facilitates instant video conferencing, messaging, voice chats and meetings. In short, it provides a single and consistent presence experience for its clients.
While Microsoft may project the changes brought about in Lync Server 2013 as enabling better experiences than ever before, there are a few areas of concern that users need to be aware of.
- Video conferencing limitations: Continuing to be a weak area, this version of Microsoft's Lync too has been observed to be immature in terms of its video conferencing capabilities. Besides, it doesn't provide end-to-end solutions such as video-room systems, video desktops, telepresence systems or video gateways. Its solution for multi-party video conferencing works on desktops only. Its conferencing capabilities are also limited: it allows a maximum of five people in a conference and lacks features such as server-side recording, dual presentation and multi-casting. Other problems associated with its video conferencing capabilities are its interoperability constraints with 3rd party products and that it consumes exorbitant bandwidth, about 600% more than its counterparts.
- Lack of consistent BYOD support: BYOD is the next big revolution that's happening in working environments. As such, Lync 2013's compatibility with the BYOD culture is critical. While it does support presence and instant messaging on platforms like iOS, Android and Windows, it falls short on features like simultaneous multi-party video and viewing shared meeting content.
- Voice limitations persist: This was one of the major areas where improvements were expected. To begin with, users will have to invest in conference phones, Session Border Controllers for security purposes and 3rd party gateways. If you have a pre-existing system in place, you actually have to rip it apart. Besides, it doesn't even have call recording, call parking or contact centre features, making it troublesome for most users.
- Real-time collaboration shortcomings: Microsoft's Lync 2013 requires sourcing a number of applications from various 3rd party vendors, making it unsuitable for users looking for an all-in-one solution.
- Investments in training: Due to its complexity, organizations will need to invest in training their staff, in-mates. Besides, they will also have to hire individuals with Linux certifications to help deploy and manage the system and troubleshoot as and when required. All this requires huge investments that organizations may want to reconsider beforehand.
- Investments in Lync Voice too high: As per the conclusions from detailed interviews done with 211 real world customers, it was observed that Lync's users spent $1,912 on average on installations (in the 1st year itself).
- Customer choice is limited: Essentially, Microsoft's way with its products and sales strategies, for instance product bundling, can end up in users being locked into their systems.
For the perfect communications solution, organizations require services that can be imbibed into existing systems, with delivering effective and efficient quality services in a cost-effective structure.
Have you been using Microsoft Lync 2013? How has your experience been? What according to you are its biggest drawbacks? Share your thoughts and takes with us.