Home > Enterprise Linux News > Debian servers hacked, archive safe
Enterprise Linux News:
EMAIL THIS LICENSING & REPRINTS

Debian servers hacked, archive safe

By Michael S. Mimoso, SearchEnterpriseLinux.com News Editor
22 Nov 2003 | SearchOpenSource.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Linux distributor Debian reported Friday afternoon that some of its servers have been compromised since Thursday. The alert, posted to several security and Linux mailing lists, stresses that its archive had not been hacked, sparing thousands of installations a potential security nightmare.

Debian said its bug-tracking system (master), mailing lists (Murphy), Web and CVS servers (gluck) and its security and search servers (klecker) have been affected and are currently not available, or have been moved to debian.org.

"We have decided to move only the main Web server to a different machine and work on reinstalling the machines instead of wasting time on moving services," said Debian developer Martin Schulze. "The list service and the security archive service will probably be among the first being up again. [But only] after the [respective] machines are reinstalled and services re-integrated. I'm unable to predict a date [when]."

The attack was discovered on Thursday and Schulze said Debian is waiting for an evaluation of forensic evidence before it reveals the type of attack and whether it exploited a known or unknown vulnerability.

"We discovered strange behavior on one server on Thursday and took it down for maintenance since we thought it was a result of potential severe hardware problem that we needed to inspect," Schulze said. "After more investigation involving a different kernel, we noticed other problems and soon found out the real problem."

The security breach, the distributor's first according to Schulze, has also pushed back the latest point release for Debian GNU/Linux 3.0r2. The release was scheduled for Friday morning, but has been postponed. Debian said the update was not affected by the compromise.

"We apologize for the disruptions of some services over the next few days. We are working on restoring the services and verifying the content of our archives," Debian said in a statement.



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


HomeNewsTopicsITKnowledge ExchangeTipsBlogsAsk the ExpertsMultimediaWhite PapersIT Downloads
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts