Slashdot Mirror


Kernel.org Attackers Didn't Know What They Had

Trailrunner7 writes "The attack that compromised some high-value servers belonging to kernel.org — but not the Linux kernel source code — may have been the work of hackers who simply got lucky and didn't realize the value of the servers that they had gotten their hands on. The attackers made a couple of mistakes that enabled the administrators at kernel.org to discover the breach and stop it before any major damage occurred. First, they used a known Linux rootkit called Phalanx that the admins were able to detect. And second, the attackers set up SSH backdoors on the compromised servers, which the admins also discovered. Had the hackers been specifically targeting the kernel.org servers, the attack probably would've looked quite different." A few blog posts in the wake of the attack have agreed with the initial announcement; while it was embarrassing, the integrity of the kernel source is not in question.

1 of 183 comments (clear)

  1. Re:The motive doesn't matter. It's time for action by Anonymous Coward · · Score: -1, Troll

    Even the most inexperienced OpenBSD admins would know better than to use password-based authentication, and would instead choose one of the other, more secure, approaches. They'd also know how to set up their system such that a compromised user account could not cause widespread damage to the entire system. Furthermore, they'd know how to prevent privilege escalation. They'd also have much better intrusion prevention and detection measures in place.

    I hate to admit it, but many of these basic concepts are far beyond even the best Linux admins.