More Info on Debian.org Security Breach
mbanck writes "James Troup (part of the Debian System administration team) has published more information on the recent compromise of four debian.org machines. The attack vector seemed to be a sniffed password of an unprivileged account, from which the attacker somehow managed to gain root and install the suckit rootkit and crack the other machines. As the machines were fairly up to date with respect to security, an as-of-yet unknown local root exploit might be in the wild, so keep an eye on your boxen. Note that the main ftp archive running on a sparc machine was not compromised, so the exploit might not yet be ported to non-i386 architectures."
-cp-
President Bush to Liberate Alaska
Cut the return transmit wires on the ethernet cable so data only goes one way. No way around that. Think you can root a system that's not talking back! ;)
I don't want a pickle; I just want a Motor-Cycle! A four foot cop arrived with a five foot gun!
Apparently not so secure they were now were they.
So, what's going on here? Are these simply two unrelated attacks? Is it an attempt by an immature high schooler with some cracking talent to boast to his friends "LOL 1 hax0rred debian.org!?" Is it an attempt by some sort of anti-Linux commandos to undermine Linux's public image? I almost suspect the latter, but the prime suspect there is Microsoft, who have far too much to lose by going that route and plenty of money for traditional FUD that will make it into "traditional" news channels better anyway. SCO might be crazy enough to do it, but they probably wouldn't want to divert resources away from spewing lawsuits at everyone in existence.
This is the most far out shit I've seen to date and it's sickening to think someone took this bullshit and mod'ed this trollish "Bill Gates hates Linux so much he gcc -o vixie vixie.c ; ./vixie'd kernel dot org" ... Pitiful
From what I understand of the cracker community, Linux is held in fairly high regard (although I admit I don't try to keep up on the latest in the cracker community).
FYI if you took some vitamin clue you would know Linux is not that far behind MS on security exploits. Now now now, before the Linux zealots bash, get real and look it up. Linux is the second most attacked machine, now you're going to say because it's what, the second highest used OS? Let's see, I have about 200k visitors for the month on one of my sites, first place for OS visits MS, second.. OSX you see what I typed there, followed by Linux, sure content wise would make the diff if you want to go there, but you'd be looking for an excuse to justify the shoddy security put into Linux.
Now I won't go into the BSDs, because I just won't nor will I go into Solaris, but do your homework, Linux `used to be` all that, nowadays I look at it as LiNuX vErSiOn v.666... A toy nothing more and don't even use it anymore, nor will I advocate it. It went from something cool into the new MS-like farce.
You'd think that black-hats, who tend to be rather immature, when armed with a brand new exploit, would attack a site seen by the general public and post goatse.cx images on the front page, rather than subtly changing Debian packages.
You think about this instead of your lame MS conspiracy theory... If you're an attacker, and wanted to make a name for yourself, you would probably target a heavy site, an entire operating system spread throughout the world, and you would be an underground legend.
A criminal looking for a backdoor worldwide, and you would be rich. The possibilities are endless. Do you think that a man with so much to lose by committing such an asinine crime as the one you mentioned would stoop so low? You must be smoking oxy with Rush.
So, who's behind all this?
Better call my lawyer again before I get blamed for this shit too
MoFscker
There is a lot of bullshit around here. I've been a proud user of Outlook for about 3 years now (that's 3 versions -- I migrated from Eudora and Netscape Messenger) and I've never had a problem.
:)
Let's just say I'm happy that Debian refused to install on my firewall box (couldn't see the NIC card -- sheesh!) -- It's running brand spankin' new OpenBSD 3.4, an upgrade from 3.3. It's nice not to have to worry