Linux is more secure but not invulnerable

Filed under

I've been working with and using Linux far longer than any other platform. Through those years, I've pretty much seen and used it all. Interestingly, my tune has changed on a number of things -- one opinion is about the relative security of Linux. Back in the day, I would have looked you in the face and said squarely, “There's no way anyone is going to hack a Linux server!” My tune now is a bit more somber, sober, and far more realistic. But before I get the chance to sing you that tune, let me set the stage.

Over the last week, I was called to check into why a CentOS server was behaving poorly. The server duty was for web/email. The shenanigans were first spotted when a particular email address on the server in question refused to authenticate. I logged into the cPanel, changed the email's password, and attempted to log into the user's webmail. The second I logged in, the password was automatically changed again.

So, I started digging around.