Under what conditions have you seen Linux systems compromised?

If you have seen a Linux system (desktop, server, firewall, etc.) compromised, and are willing to post about your experience with it here, please do so.

 

Servers with services compromised. I've seen it done a ton of times, though only servers.

 

A mixture of poorly configured servers and obsolete public facing services. Yes LAMP servers, but not the ones I admin.

Cheers, Nick

 

Mostly poor configuration and lazyass admins.
Mrk

 

Poor administration, lack of enforcement of existing rules, in-adept administrators.

 

Lack of caution by users or administrators

 

The only time i have ever seen a linux distro is in my PC.

 

LOL. What about screenshots and videos on the web?

 

Im not counting those.
I mean seeing in person a Linux distro installed in someone else PC.

 

Since I deal with pentesting all the time I have persoanly compromised Linux Systems. Normally due to user errors (same as windows and mac). You know the admin didn't disable Java in the browser or use apparmour/selinux to confine it. I would say on traditional systems (Laptops, servers and desktops) I have mainly seen PEBKACs not much else.

Android (linux based) on the other hand I have used zero-days and other exploits (due to long wait between updates) like zergRush. Speaking of which this is why I am excited that SeLinux is finally on android.

 

Default passwords like admin, root, or blank.

 

I really like the various editions of Puppy Linux, and I always use them as Live Distros.

However, it has always disturbed me that Puppy Linux is ran a root, by default.