Velocity Reviews


Max Burke 11-21-2003 08:26 PM

!Some Debian Project machines compromised
 
------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Some Debian Project machines compromised
press@debian.org
November 21st, 2003
------------------------------------------------------------------------
Some Debian Project machines have been compromised

This is a very unfortunate incident to report about. Some Debian servers
were found to have been compromised in the last 24 hours.

The archive is not affected by this compromise!
In particular the following machines have been affected:

master (Bug Tracking System)
murphy (mailing lists)
gluck (web, cvs)
klecker (security, non-us, web search, www-master)

Some of these services are currently not available as the machines undergo
close inspection. Some services have been moved to other machines
(www.debian.org for example). The security archive will be verified from
trusted sources before it will become available again.

Please note that we have recently prepared a new point release for Debian
GNU/Linux 3.0 (woody), release 3.0r2. While it has not been announced yet,
it has been pushed to our mirrors already. The announcement was scheduled
for this morning but had to be postponed. This update has now been checked
and it is not affected by the compromise.

We apologise for the disruptions of some services over the next few days.
We are working on restoring the services and verifying the content of our
archives.
http://cert.uni-stuttgart.de/files/f...y-20031121.txt
--
mlvburke@#%&*.net.nz
Replace the obvious with paradise to email me.
See Found Images at:
http://homepages.paradise.net.nz/~mlvburke/


T.N.O. 11-21-2003 08:29 PM

Re: !Some Debian Project machines compromised
 
Max Burke wrote:
> ------------------------------------------------------------------------
> The Debian Project http://www.debian.org/
> Some Debian Project machines compromised
> press@debian.org
> November 21st, 2003
> ------------------------------------------------------------------------
> Some Debian Project machines have been compromised
>
> This is a very unfortunate incident to report about. Some Debian servers
> were found to have been compromised in the last 24 hours.


heh, bugger... I wonder how that happened.

Max Burke 11-21-2003 08:53 PM

Re: !Some Debian Project machines compromised
 
> T.N.O. scribbled:

>> Max Burke wrote:
>> ------------------------------------------------------------------------
>> The Debian Project http://www.debian.org/
>> Some Debian Project machines compromised
>> press@debian.org
>> November 21st, 2003
>> ------------------------------------------------------------------------
>> Some Debian Project machines have been compromised
>>
>> This is a very unfortunate incident to report about. Some Debian servers
>> were found to have been compromised in the last 24 hours.


> heh, bugger... I wonder how that happened.


Perhaps there was a vulnerability that compromised their security???? ;-)
Na that can't be true..... ;-)

--
mlvburke@#%&*.net.nz
Replace the obvious with paradise to email me.
See Found Images at:
http://homepages.paradise.net.nz/~mlvburke/


T.N.O. 11-21-2003 09:13 PM

Re: !Some Debian Project machines compromised
 
Max Burke wrote:
> Perhaps there was a vulnerability that compromised their security???? ;-)
> Na that can't be true..... ;-)


the biggest vulnerability to any computer system is the user... ring
somewhere (big corporate) and say "Hi there, it's Dave here from IT,
we're just trying to sort out a problem we found with your computer
account, could you just give me your username and password please?" and
9 times out of ten, they'll give it... truly strange, and no
vulnerability needed.

True, this only gives you limited access, but get the right person, and
you can soon get a long way.

techie 11-21-2003 09:19 PM

Re: !Some Debian Project machines compromised
 
On Fri, 21 Nov 2003 15:13:02 -0600, T.N.O. wrote:

> Max Burke wrote:
>> Perhaps there was a vulnerability that compromised their security????
>> ;-) Na that can't be true..... ;-)

>
> the biggest vulnerability to any computer system is the user... ring
> somewhere (big corporate) and say "Hi there, it's Dave here from IT,
> we're just trying to sort out a problem we found with your computer
> account, could you just give me your username and password please?" and
> 9 times out of ten, they'll give it... truly strange, and no
> vulnerability needed.


Heck, just get their username and try their username, "password", and
then the company name as the password. One of 'em usually works.

T.N.O. 11-21-2003 09:31 PM

Re: !Some Debian Project machines compromised
 
techie wrote:
>>the biggest vulnerability to any computer system is the user... ring
>>somewhere (big corporate) and say "Hi there, it's Dave here from IT,
>>we're just trying to sort out a problem we found with your computer
>>account, could you just give me your username and password please?" and
>>9 times out of ten, they'll give it... truly strange, and no
>>vulnerability needed.


> Heck, just get their username and try their username, "password", and
> then the company name as the password. One of 'em usually works.


Or a day of the week...

Roger_Nickel 11-21-2003 11:10 PM

Re: !Some Debian Project machines compromised
 
Max Burke wrote:
>>T.N.O. scribbled:

>
>
>>>Max Burke wrote:
>>>------------------------------------------------------------------------
>>>The Debian Project http://www.debian.org/
>>>Some Debian Project machines compromised
>>>press@debian.org
>>>November 21st, 2003
>>>------------------------------------------------------------------------
>>>Some Debian Project machines have been compromised
>>>
>>>This is a very unfortunate incident to report about. Some Debian servers
>>>were found to have been compromised in the last 24 hours.

>
>
>
>>heh, bugger... I wonder how that happened.

>
>
> Perhaps there was a vulnerability that compromised their security???? ;-)
> Na that can't be true..... ;-)
>

A password crack, I guess these Debian folk are humans just like the
rest of us. Interesting to contrast the attitude of the Debian project
to a server compromise to that of Microsoft to a similar event.


Max Burke 11-21-2003 11:54 PM

Re: !Some Debian Project machines compromised
 
> Roger_Nickel scribbled:

>> Max Burke wrote:
>> ------------------------------------------------------------------------
>> The Debian Project http://www.debian.org/
>> Some Debian Project machines compromised
>> press@debian.org
>> November 21st, 2003
>> ------------------------------------------------------------------------
>> Some Debian Project machines have been compromised
>>
>> This is a very unfortunate incident to report about. Some Debian servers
>> were found to have been compromised in the last 24 hours.


>>> heh, bugger... I wonder how that happened.


>> Perhaps there was a vulnerability that compromised their
>> security???? ;-) Na that can't be true..... ;-)


> A password crack, I guess these Debian folk are humans just like the
> rest of us.


All of us?

> Interesting to contrast the attitude of the Debian project
> to a server compromise to that of Microsoft to a similar event.


Not really; in fact a pointless waste of time (IMO).....

--
mlvburke@#%&*.net.nz
Replace the obvious with paradise to email me.
See Found Images at:
http://homepages.paradise.net.nz/~mlvburke/


harry 11-22-2003 01:18 AM

Re: !Some Debian Project machines compromised
 

"Max Burke" <mlvburke@%$%#@.nz> wrote in message
news:Cxuvb.8895$ws.783919@news02.tsnz.net...
> ------------------------------------------------------------------------
> The Debian Project http://www.debian.org/
> Some Debian Project machines compromised
> press@debian.org
> November 21st, 2003
> ------------------------------------------------------------------------
> Some Debian Project machines have been compromised
>
> This is a very unfortunate incident to report about. Some Debian servers
> were found to have been compromised in the last 24 hours.
>
> The archive is not affected by this compromise!
> In particular the following machines have been affected:
>
> master (Bug Tracking System)
> murphy (mailing lists)
> gluck (web, cvs)
> klecker (security, non-us, web search, www-master)
>
> Some of these services are currently not available as the machines undergo
> close inspection. Some services have been moved to other machines
> (www.debian.org for example). The security archive will be verified from
> trusted sources before it will become available again.
>
> Please note that we have recently prepared a new point release for Debian
> GNU/Linux 3.0 (woody), release 3.0r2. While it has not been announced yet,
> it has been pushed to our mirrors already. The announcement was scheduled
> for this morning but had to be postponed. This update has now been checked
> and it is not affected by the compromise.
>
> We apologise for the disruptions of some services over the next few days.
> We are working on restoring the services and verifying the content of our
> archives.
> http://cert.uni-stuttgart.de/files/f...y-20031121.txt
> --
> mlvburke@#%&*.net.nz
> Replace the obvious with paradise to email me.
> See Found Images at:
> http://homepages.paradise.net.nz/~mlvburke/
>


It's quite candid, isn't it?
They have had a password compromised and they follow their commitment to
disclosure and then fixed it.
The Debian Project depends on transparency of testing and verification.
Packages have to meet strict criteria and bug testing targets before they
progress from "unstable" to "testing" and finally to the current "stable"
release.
They have no big stake in bogus PR construction of a "reputation", just
total disclosure for the benefit of users.
That's their motivation for publishing this news as widely as possible.
What's yours, Max?



Evil Bastard 11-22-2003 01:51 AM

Re: !Some Debian Project machines compromised
 
On Sat, 22 Nov 2003 09:26:01 +1300, Max Burke wrote:

> The archive is not affected by this compromise!


Phew!

Had me worried for a moment there - have downloaded a shitload of stuff
over the last 2 days.




All times are GMT.