It's happened more than once for Debian

Early yesterday morning, Debian developer James Troup wrote an email to members of the Debian community notifying them that a Debian GNU/Linux server was compromised. According to the email, a server located at the domain was broken into. According to Troup, an investigation is being conducted as to what allowed the break-in to occur and exactly what was damaged in the process.

Several Debian servers went on security lock-down during the rest of the day and the machine was taken off line. Troup said "we've taken the machine offline and a are preparing to reinstall it." According to Troup's email:

Early this morning we discovered that someone had managed to compromise  We've taken the machine offline and are preparing to reinstall it.  This means the following services are currently offline:

 cvs, ddtp, lintian, people, popcon, planet, ports, release

Based on the results of our initial investigation we've locked down most other machines, limiting access to DSA only, until they can be fixed for what we suspect is the exploit used to compromise gluck.

This incident is not the only hacking incident that Debian has been in. In November 2003, several of Debian's servers were compromised in a similar fashion. Attackers had compromised four of Debian's servers that included web services, mailing lists, security downloads and common versioning system (CVS).

"This is from the It's a science website." -- Rush Limbaugh

Latest Blog Posts
Amazon Fire HD 8
Nenfort Golit - Jun 19, 2017, 6:00 AM

Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki