Vsftpd backdoor discovered in source code (The H)

Posted Jul 5, 2011 9:14 UTC (Tue) by solardiz (guest, #35993)
In reply to: Vsftpd backdoor discovered in source code (The H) by nix
Parent article: Vsftpd backdoor discovered in source code (The H)

My analysis suggests that the backdoored tarball was on the official site for 2 to 3.5 days before being noticed and removed.


Vsftpd backdoor discovered in source code (The H)

Posted Jul 5, 2011 10:13 UTC (Tue) by nix (subscriber, #2304)

Sounds like software like this needs a daily cron job on a networkologically-local site that downloads the tarball and checks it against a locally-stored signature. Not hard if you run the download site, really hard if you don't (or you waste bandwidth downloading the whole tarball over the internet daily, probably a price worth paying for something as small and exposed as vsftpd, probably not a price worth paying for something as huge and full of holes as firefox).
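
The daily check described in the comment above, sketched as an added example that is not part of the original thread. It pins a SHA-256 digest recorded when the release was first verified, used here in place of a detached signature; the function names, the URL argument and the pin-file location are assumptions.

```shell
#!/usr/bin/env bash
# Added example; all function names, URLs and paths are hypothetical.

# Print the hex SHA-256 of a file (sha256sum on Linux, shasum elsewhere).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# check_tarball FILE PINFILE
# PINFILE is stored locally (not on the download server) and holds the hex
# digest recorded when the release was first verified; a bare digest or a
# "digest  filename" line as written by sha256sum are both accepted.
# Returns 0 = unchanged, 1 = MISMATCH, 2 = check could not be performed.
check_tarball() {
    local file="$1" pinfile="$2" want got
    [ -r "$file" ] && [ -r "$pinfile" ] || return 2
    want=$(awk 'NR==1 {print tolower($1)}' "$pinfile")
    # A missing, short or malformed pin must never count as a match.
    [ "${#want}" -eq 64 ] || return 2
    case $want in *[!0-9a-f]*) return 2 ;; esac
    got=$(sha256_of "$file")
    [ -n "$got" ] || return 2
    [ "$got" = "$want" ] || return 1
    return 0
}

# fetch_and_check URL PINFILE: the part a daily cron job would run.
fetch_and_check() {
    local url="$1" pinfile="$2" tmp rc=0
    tmp=$(mktemp) || return 2
    if curl -fsSL --max-time 300 -o "$tmp" "$url"; then
        check_tarball "$tmp" "$pinfile" || rc=$?
    else
        rc=2    # a failed download is reported, never treated as "clean"
    fi
    rm -f "$tmp"
    case $rc in
        1) echo "ALERT: $url does not match the pinned digest" >&2 ;;
        2) echo "WARN: could not verify $url" >&2 ;;
    esac
    return "$rc"
}
```

A cron entry would call `fetch_and_check` with the release URL and the local pin file, and treat any non-zero exit status as something to report.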

Vsftpd backdoor discovered in source code (The H)

Posted Jul 8, 2011 2:27 UTC (Fri) by anchorsystems (subscriber, #40101)

It's a really good idea to run a host integrity monitor on servers to detect this sort of change. Something like Osiris can do the trick.
