Slashdot Mirror


Novell OpenSUSE Server Hacked

abelikoff writes "Both LinuxWorld Australia and SuSE Linux Forums report that OpenSUSE website got hacked last night." This story was submitted quite a number of times.

3 of 329 comments (clear)

  1. Details of the hack? by Trigulus · · Score: 5, Interesting

    Was this a targeted attack? Did they just fall victim to a script? Unpatched vulnerability? Weak password? what? Im just asking cause none of the links provided answer this.

    --
    If something exists that does not need a creator (god) then why must the cosmos need one?
  2. Re:Linux Secure By Design? by scronline · · Score: 5, Interesting

    Speaking from personal experience, 85% of all hacks come from poor administration. ie. not patching flaws, weak passwords, poor security measure such as file permissions and lack of firewalls. The remaining 15% come from a mixture of things, and like it or not, 14.999% of that is Windows. Security through obscurity doesn't work when you have thousands of people pounding at your code just trying to find a way in.

    All these Worms on the net is a perfect example. And when you get down to it, even some of the poor administration is Microsoft's fault for making it "so easy you don't need an experienced technician...." When in fact they bury stuff so deep unless you know where it is, the necessary changes don't get made leaving everything as default.

    I can't even begin to count how many times I've gone to a customer's location where they had an employee that was a self proclaimed geek that did all the setup and everything was not only wrong, it opened gaping holes on their network. Including things like having a USER logging in as Administrator on the server and using it as a workstation.

    Plus I won't go into all the people who hold an MCSE that never touched a computer until they went to a 2 week bootcamp on how to pass the tests.

    But, point in fact, any closed source application is subject to flaws that don't get patched because it's a small enough flaw that putting a programmer on it to fix it would cost more than keeping the flaw hidden.

  3. That IS the breach of security. by khasim · · Score: 5, Interesting

    Allowing "users" to setup their own box, on your network, outside your firewall, using your IP address IS a breach of security.