backtop


Print

It's happened more than once for Debian

Early yesterday morning, Debian developer James Troup wrote an email to members of the Debian community notifying them that a Debian GNU/Linux server was compromised. According to the email, a server located at the gluck.debian.org domain was broken into. According to Troup, an investigation is being conducted as to what allowed the break-in to occur and exactly what was damaged in the process.

Several Debian servers went on security lock-down during the rest of the day and the gluck.debian.org machine was taken off line. Troup said "we've taken the machine offline and a are preparing to reinstall it." According to Troup's email:

Early this morning we discovered that someone had managed to compromise gluck.debian.org.  We've taken the machine offline and are preparing to reinstall it.  This means the following debian.org services are currently offline:

 cvs, ddtp, lintian, people, popcon, planet, ports, release

Based on the results of our initial investigation we've locked down most other debian.org machines, limiting access to DSA only, until they can be fixed for what we suspect is the exploit used to compromise gluck.


This incident is not the only hacking incident that Debian has been in. In November 2003, several of Debian's servers were compromised in a similar fashion. Attackers had compromised four of Debian's servers that included web services, mailing lists, security downloads and common versioning system (CVS).




"This is from the DailyTech.com. It's a science website." -- Rush Limbaugh




Latest Blog Posts
Amazon Fire HD 8
Nenfort Golit - Jun 19, 2017, 6:00 AM






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki