Increasing security of Linux / BSD systems against "cyber attacks"
Re: Linux Server Malware : Mumblehard,
Security watchers are talking about a family of malware that infects Linux and BSD servers. Marc-Etienne M. Léveillé, ESET malware researcher, has provided details about Linux/Mumblehard, which targets servers running Linux and BSD.
The spamming malware is described as “sophisticated”—sophisticated in terms of having successfully flown under the radar for over five years (Mumblehard has been active since at least 2009) and sophisticated in terms of being what Ars Technica called “the brainchild” of “experienced and highly skilled programmers.”
In Particular :
We Live Security, ESET’s editorial outlet, carried this advice: “Victims should look for unsolicited cronjob entries for all the users on their servers. This is the mechanism used by the Mumblehard backdoor to activate the backdoor every 15 minutes. The backdoor is usually installed in /tmp or /var/tmp. Mounting the tmp directory with the noexec option prevents the backdoor from starting in the first place.”
Stop executables running from /tmp :