Slashdot Mirror


Novell OpenSUSE Server Hacked

abelikoff writes "Both LinuxWorld Australia and SuSE Linux Forums report that the OpenSUSE website got hacked last night." This story was submitted quite a number of times.

7 of 329 comments

  1. ssh scan by perp · · Score: 4, Informative
    This server probably had a weak root password and was hacked by one of the several automated ssh bruteforcers out there: http://www.linux.com/article.pl?sid=05/09/15/1655234

    I see these attacks all the time on all Internet-facing servers.

    --
    There are two kinds of sysadmins: paranoids and losers. I'm both kinds.
    1. Re:ssh scan by jaclu · · Score: 4, Informative

      I have a hard time seeing the gain in security by disallowing root but allowing users to login and then sudo.

      In the case of three admins, you would end up with three accounts that could be exploited, rather increasing if anything the risk of direct ssh exploits.

      Once the bad guy is in, he has all the local exploit possibilities to gain root, so you're already in trouble if they get in.

      So as long as you do ssh with passwords, disallowing root login doesn't really buy you any security, but it hassles the admins each and every day.

      On the other hand, the preferred method would be to login with keys and disallow passwords completely whenever possible.

    2. Re:ssh scan by Gogo0 · · Score: 4, Informative

      Part of the security comes from non-root logins being unknown.

      One could try to use a non-root user to bruteforce their way into my system, but they'll either get one (probably created by an application) with /dev/null as a shell or they will be trying usernames that don't exist.

    3. Re:ssh scan by despisethesun · · Score: 5, Informative

      I have a hard time seeing the gain in security by disallowing root but allowing users to login and then sudo.

      You must not have much experience with sudo. One of the benefits of it is that it allows you to give root permission to people for specific tasks that they would need that access level for. While there are certainly a lot of people who set their sudoers file to "allow all" for everyone, if sudo is properly implemented no one should be able to do anything they don't NEED to do as root. Sudo also has the benefit of keeping track of what users used it to do what tasks, making it easier to trace the path an attack came from.

      Gogo0 also mentioned an added benefit to this scheme so I'm not going to repeat it here.

      --
      This poo is cold.
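
The automated ssh password guessing discussed in this thread (root attempts, plus usernames that don't exist) appears in sshd's log as runs of "Failed password" lines. The following is an added example, not posted by any commenter here, that summarises such runs per source address and flags a password login that follows one; the log lines are constructed and the threshold of 5 is an assumed value.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's syslog format (documentation address ranges).
SAMPLE_LOG = """\
Sep 20 03:14:01 host sshd[4121]: Failed password for root from 203.0.113.7 port 40112 ssh2
Sep 20 03:14:03 host sshd[4123]: Failed password for root from 203.0.113.7 port 40130 ssh2
Sep 20 03:14:05 host sshd[4125]: Failed password for invalid user admin from 203.0.113.7 port 40144 ssh2
Sep 20 03:14:07 host sshd[4127]: Failed password for invalid user test from 203.0.113.7 port 40160 ssh2
Sep 20 03:14:09 host sshd[4129]: Failed password for invalid user oracle from 203.0.113.7 port 40171 ssh2
Sep 20 03:14:12 host sshd[4131]: Accepted password for root from 203.0.113.7 port 40190 ssh2
Sep 20 08:30:44 host sshd[5001]: Failed password for alice from 198.51.100.20 port 51022 ssh2
Sep 20 08:30:52 host sshd[5003]: Accepted publickey for alice from 198.51.100.20 port 51030 ssh2
"""

# The user name is chosen by the client, so match it greedily and anchor at the
# end of the line: the address captured is then the last one, written by sshd.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?P<invalid>invalid user )?(?P<user>.*) from (?P<ip>\S+) port \d+ ssh2$"
)

def analyze(log_text, threshold=5):
    """Summarise password guessing per source address.

    Returns {ip: stats} for every source with at least `threshold` failed
    passwords. stats["compromised"] lists accounts whose password was accepted
    from that source after the threshold had already been reached.
    """
    stats = defaultdict(lambda: {"failures": 0, "users": set(),
                                 "invalid_users": set(), "compromised": []})
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m or m["method"] != "password":
            continue  # key-based logins and unrelated lines are ignored
        s = stats[m["ip"]]
        if m["result"] == "Failed":
            s["failures"] += 1
            s["users"].add(m["user"])
            if m["invalid"]:
                s["invalid_users"].add(m["user"])  # account does not exist
        elif s["failures"] >= threshold:
            s["compromised"].append(m["user"])  # guessing run ended in a login
    return {ip: s for ip, s in stats.items() if s["failures"] >= threshold}

if __name__ == "__main__":
    for ip, s in analyze(SAMPLE_LOG).items():
        print(ip, s["failures"], sorted(s["users"]), s["compromised"])
```
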
  2. different hacks, different times by sjvn · · Score: 4, Informative

    The LinuxWorld Australia story is actually about an earlier break-in of a Novell system that was being used for World of Warcraft related stuff, not the OpenSUSE site at all.

    Steven

  3. OpenSUSE website Hacked? No. by blanks · · Score: 5, Informative

    The open SuSE website wasn't hacked, it was a damn gaming machine they had on their network.

    From TFA:

    "The employees that set it up apparently had no idea of security," Brandon said. "But what is really surprising is that Novell would allow employees to set up game servers on their corporate network and then allow the public to access it."

    "There was no major breach of security here," Barney said. "Needless to say, we are taking the appropriate steps" to address the situation.

  4. Re:Practical upshot? Am I safe? by houghi · · Score: 4, Informative

    I'm running SuSe 9.3, and this morning, I let the automated update program do its thing. Did I download and install any breached files?

    No. It was just the wiki server that went down.

    --
    Don't fight for your country, if your country does not fight for you.