Hi, I have been directed from the Linux forums to ask this concern here and I will just copy and paste what I asked there:
Are you able to answer the concerns about "Possible Linux/Ebury - Operation Windigo installetd." An attacker can't infect you through just knowing your ip and then looking for vulnerable ports can they?
The only vulnerable ports I know of are the Samba ports and they were both closed on my vpn ip and my real ip. Plus I had a firewall set to reject all incoming traffic. The port checkers I used were http://www.canyouseeme.org/ and http://www.yougetsignal.com/tools/open-ports/
Also upon I discovered that port 22 ssh was a vulnerable port which I never checked.
I'd be very grateful for any help on this. Thanks.