More Info on Debian.org Security Breach

mbanck writes "James Troup (part of the Debian System administration team) has published more information on the recent compromise of four debian.org machines. The attack vector seemed to be a sniffed password of an unprivileged account, from which the attacker somehow managed to gain root and install the suckit rootkit and crack the other machines. As the machines were fairly uptodate with respect to security, an as-of-yet unknown local root exploit might be in the wild, so keep an eye on your boxen.Note that the main ftp archive running on a sparc machine was not compromised, so the exploit might not yet be ported to non-i386 architectures."

a sticky situation

[gearheadsmp]

As a matter of fact, Monica Lewinski gave some teenager who lives in his parent's basement oral sex to write the rootkit. It wasn't that hard - Monica showed up wearing a poncho to shield herself from the shower of "milk", and then the script kidde saw the Saturday Night Live rerun on Comedy Central, in which Bill Clinton announces the end of his legacy, says "Suck it! Suck on it!", and Dubya shows up and brags about how he bought a Big Mouth Billy Bass for $1,000. Hence, the name. Now as to how the script kidde got mad at the Debian project, well, I'll leave that to the Gentoo Zealots.