Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ongoing Linux/Solaris Compromise Epidemic

Posted by timothy on from the active-malice dept.

An anonymous reader writes to point out that Stanford's Information Technology Systems and Services "has written a summary of a series of compromises that have been happening at universities, research institutions, and high performance computing centers, for the last month or more. The attackers are using known vulnerabilities in Linux and Solaris, along with compromised user accounts, to gain access and control of systems, from standalone servers to HPC clusters ... (the attacks are still ongoing)."

7 of 366 comments (clear)

  1. Re:Attacks against universities? by Anonymous Coward · · Score: -1, Offtopic

    How the flying f**k did you get Offtopic for that?! What's wrong with the mods recently?

  2. YEA!!! by Anonymous Coward · · Score: -1, Offtopic

    keep pulling goatsex man...keep pulling.

  3. Tina's original email alert by Anonymous Coward · · Score: -1, Offtopic

    my school's definitely be affected by hacking ---------- Forwarded message ---------- Date: Tue, 6 Apr 2004 17:45:08 -0700 From: Dr. Tina Bird To: SECURITY@LISTSERV.EDUCAUSE.EDU Subject: [SECURITY] FW: Multiple UNIX compromises at Stanford > -----Original Message----- > From: owner-first-teams@first.org > [mailto:owner-first-teams@first.org] On Behalf Of Dr. Tina Bird > Sent: Tuesday, April 06, 2004 5:41 PM > To: first-teams@first.org > Subject: Multiple UNIX compromises at Stanford > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Hi all -- Rather more disturbing to this old UNIX geek than > the rapid spread of Phatbot and its relatives is the > widespread, apparently co-ordinated attack being seen > targetting Linux and Solaris systems in higher education and > research organizations. I've just released the following > alert to Stanford; please feel free to distribute the > information to your UNIX system administrators and other > interested parties. > > The full text of this Security Alert is on line at > . Stanford, along with a large number of research institutions and high performance computing centers, has become a target for some sophisticated Linux and Solaris attacks. An unknown attacker (or group) has compromised numerous multi-user Solaris and Linux computers on Stanford's campus using a variety of mechanisms. In most cases, the attacker gets access to a machine by cracking or sniffing passwords. Local user accounts are escalated to root privileges by triggering a variety of local exploits, including the do_brk() and mremap() exploits on Linux and the arbitrary kernel loading modules and passwd vulnerabilities on Solaris. If you manage multi-user Linux or Solaris systems, please read the alert referenced above and take the appropriate action to protect your systems and your users. cheers? tbird - - -- Dr. Tina Bird Information Security Services, Stanford University http://securecomputing.stanford.edu/alert.html http://www.loganalysis.org http://vpn.shmoo.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) Comment: Made with pgp4pine 1.76 iD8DBQFAc04dcoaZZ4u5dCIRAvL5AKDyN9OJAq6cp5vsnQP5VU 8MQcw2rACfWSI+ fogoa1PK3od2vW9xajWuGZg= =wT09 -----END PGP SIGNATURE-----

  4. mod Momfuck virus up!! by Anonymous Coward · · Score: -1, Offtopic

    loolL!!

    Remeber, Ctrl-Alt-Del helps keep your password secure!

    1. Re:mod Momfuck virus up!! by Anonymous Coward · · Score: -1, Offtopic

      d00d! m`/ p455w3r|) 1Z Ctrl-Alt-Del!!!!!
      Now you've given it away
      ratsass!

  5. Re:Windows is not the only vulnerable OS by morelife · · Score: -1, Offtopic

    Die, you Microsoft defender.

  6. Re:Nothing to worry about by Anonymous Coward · · Score: -1, Offtopic

    Still taking yourself too seriously to spot the trolls, eh? You lame, lame goth fag!

    YHBT YHL HAND.