"Today, June 29th 2017, WikiLeaks publishes documents from the OutlawCountry project of the CIA that targets computers running the Linux operating system. OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from a user or even system administrator.
The installation and persistence method of the malware is not described in detail in the document; an operator will have to rely on the available CIA exploits and backdoors to inject the kernel module into a target operating system. OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x; this module will only work with default kernels. Also, OutlawCountry v1.0 only supports adding covert DNAT rules to the PREROUTING chain."
https://www.wikileaks.org/vault7/#OutlawCountry
-- Leaked Documents:
= OutlawCountry v1.0 User Manual
https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_User_Manual/
(PDF) https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_User_Manual/OutlawCountry_v1_0_User_Manual.pdf
= OutlawCountry v1.0 Test Plan
https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_Test_Plan/
(PDF) https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_Test_Plan/OutlawCountry_v1_0_Test_Plan.pdf
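The excerpt above describes a kernel module that registers an extra netfilter table and hides it from the administrator. One defender-side heuristic is to compare the tables the kernel reports against the standard five and to list PREROUTING DNAT rules in anything unexpected. This is an added example, not code from the leaked documents or from this thread; it assumes the kernel exposes IPv4 table names in /proc/net/ip_tables_names (one per line) and that iptables is installed.

```shell
#!/bin/sh
# Heuristic check for non-standard netfilter/iptables tables on a Linux host.
# Added example; assumes /proc/net/ip_tables_names lists registered IPv4
# tables one per line and that only the five standard tables are expected.
# A kernel-resident module can falsify what /proc reports, so a clean result
# is not proof of absence: pair this with module inventories (lsmod, kernel
# log) and with comparisons made from outside the suspect kernel.

KNOWN_TABLES="filter nat mangle raw security"

# is_known_table NAME -> exit 0 if NAME is one of the standard tables.
is_known_table() {
    for t in $KNOWN_TABLES; do
        [ "$1" = "$t" ] && return 0
    done
    return 1
}

# unknown_tables [FILE] -> print each table name in FILE that is not standard.
# FILE defaults to the live kernel listing; an unreadable file yields nothing.
unknown_tables() {
    file="${1:-/proc/net/ip_tables_names}"
    [ -r "$file" ] || return 0
    while IFS= read -r name; do
        [ -n "$name" ] || continue
        is_known_table "$name" || printf '%s\n' "$name"
    done < "$file"
}

# report_prerouting_dnat TABLE -> list DNAT rules in TABLE's PREROUTING chain,
# the rule type the excerpt says v1.0 supports. No-op without iptables.
report_prerouting_dnat() {
    command -v iptables >/dev/null 2>&1 || return 0
    iptables -t "$1" -S PREROUTING 2>/dev/null | grep -- '-j DNAT' || true
}

# main [FILE] -> warn on every non-standard table and show its DNAT rules.
main() {
    found=0
    for tbl in $(unknown_tables "$@"); do
        found=1
        echo "WARNING: non-standard netfilter table registered: $tbl"
        report_prerouting_dnat "$tbl"
    done
    if [ "$found" -eq 0 ]; then
        echo "no non-standard IPv4 netfilter tables found"
    fi
}

main "$@"
```

Run it as root on the host being checked, or pass a saved copy of ip_tables_names as the first argument to inspect a listing collected elsewhere.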
(Score: 3, Informative) by jmorris on Saturday July 01 2017, @12:37AM (3 children)
It is a truth though that the people who spend the most time securing their machine have the least interesting stuff on it. All of the most vendable personal information, the business records, the corporate secrets, the most useful networks full of innocent spam canneries, the darkest vilest crap, all that tends to reside on the low hanging fruit,
(Score: 0) by Anonymous Coward on Saturday July 01 2017, @02:01AM (2 children)
Your statement is unrelated to one's ability to secure Linux. The point is, one has the freedom and access to really tighten a Linux box.
Linux administrators' individual choices don't diminish what is available to her/him.
(Score: 0) by Anonymous Coward on Saturday July 01 2017, @06:23AM (1 child)
You have the same freedom on windows. Nobody does it, but you do. Nothing stops you from loading a custom ring 0 driver and basically filter/change/manipulate/control whatever you want.
(Score: 0) by Anonymous Coward on Saturday July 01 2017, @05:34PM
"Nothing stops you from loading a custom ring 0 driver and basically filter/change/manipulate/control whatever you want."
not being a stupid whore bent on insanity stops me.