
Welcome to IWETHEY!

New Debian server hacked
[link|http://www.zdnet.com.au/news/security/soa/Debian_locks_out_developers_after_server_hack/0,2000061744,39263432,00.htm|Debian forced to lock out developers]


A
Play I Some Music w/ Papa Andy
Saturday 8 PM - 11 PM ET
All Night Rewind 11 PM - 5 PM
Reggae, African and Caribbean Music
[link|http://wxxe.org|Tune In]
New Spin
The embarrassing security breach is not the first for Debian. In November 2003 several of Debian's servers were similarly compromised and pulled offline.
So every three years someone gains access for a short time, it's widely publicized so anyone who pulled anything down during the compromise period knows to double-check what they've got, it's back up with a patch in place in short order, and the patch is also available to the world. Yeah, that Lie-nooks security sucks rocks.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
New but what about the OTHER Linux Distros?
How many others were saved by the quick thinking and actions of the DSAs (Debian Systems Admins)?

I'd have to say that the real damage is by showing how quickly this is done to fix things like this. Mere hours versus weeks and sometimes YEARS! with other non-UNIX-like operating system(s).

Come on, even the beast cannot get hosts back up and running, completely reinstalled and restored, within a few hours. They have the luxury of hot-standby machines. Debian does not. Though it does have some hardware it can do the shift game with.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?
SELECT * FROM scog WHERE ethics > 0;

0 rows returned.
New It was actually a Linux Kernel Local Only Exploit.
and a sub-minor version of 2.6.16 was released to fix it: 2.6.16.24, and a sub-minor for 2.6.17 (though I don't know which).

It could have happened to ANY Linux machine with local logins, regardless of auth mechanism.

The account the local exploit was done from, the owner is being evaluated.

And it happened last Wednesday. The initial message from James Troup at Wed, 12 Jul 2006 18:47:24 +0100 (13:47 EDT):
Hi,

Early this morning we discovered that someone had managed to compromise gluck.debian.org. We've taken the machine offline and are preparing to reinstall it. This means the following debian.org services are currently offline:

cvs, ddtp, lintian, people, popcon, planet, ports, release

Based on the results of our initial investigation we've locked down most other debian.org machines, limiting access to DSA only, until they can be fixed for what we suspect is the exploit used to compromise gluck.

We're still investigating exactly what happened and the extent of the damage. We'll post more info as soon as we reasonably can.

--
James
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?
SELECT * FROM scog WHERE ethics > 0;

0 rows returned.
     Debian server hacked - (andread) - (3)
         Spin - (drewk) - (1)
             but what about the OTHER Linux Distros? - (folkert)
         It was actually a Linux Kernel Local Only Exploit. - (folkert)
