More Info on Debian.org Security Breach 545
mbanck writes "James Troup (part of the Debian System administration team) has published more information on the recent compromise of four debian.org machines. The attack vector seemed to be a sniffed password of an unprivileged account, from which the attacker somehow managed to gain root and install the suckit rootkit and crack the other machines. As the machines were fairly uptodate with respect to security, an as-of-yet unknown local root exploit might be in the wild, so keep an eye on your boxen.Note that the main ftp archive running on a sparc machine was not compromised, so the exploit might not yet be ported to non-i386 architectures."
Comment removed (Score:3, Funny)
Re:Boxen.. (Score:4, Funny)
Comment removed (Score:-1, Funny)
Re:Human Error (Score:5, Funny)
Repeat after me: The best password is the one that isn't stikie'd to the monitor and/or keyboard.
Re:Boxen.. (Score:5, Funny)
Re:Human Error (Score:5, Funny)
Re:Boxen.. (Score:1, Funny)
Re:Boxen.. (Score:1, Funny)
Re:Diebold, take note (Score:1, Funny)
Re:Boxen.. (Score:5, Funny)
Re:Boxen.. (Score:2, Funny)
Easy solution (Score:4, Funny)
Oh, and "password" is not really a "password".
Re: Human Error (Score:2, Funny)
> This incident reminds us of the importance of password security. It is sad to see one weak password responsible for such a breach.
I'm apologize - I never imagined that they would guess 'mydebian'.
Ammended for the rest of us: (Score:5, Funny)
Re:Human Error (Score:2, Funny)
Re:#1 on Ten Immutable Laws of Security (Score:5, Funny)
That's why I've been saying for years that all my computers are owned by Bill Gates.
Unknown Debian exploit? (Score:5, Funny)
Re:Boxen.. (Score:3, Funny)
Re:This attack has obviosly shocked the comunity. (Score:1, Funny)
omg u r a smarty man d00d ^__^
asl??
Re:Human Error (Score:3, Funny)
-
Re:Boxen.. (Score:3, Funny)
and now that i'm on a "roll" - why the hell aren't the santa cruz organization and stanford university networks actually in santa cruz or stanford university? at least ibm is international...
Re:Unknown Debian exploit? (Score:5, Funny)
hey it is pretty nice - i'm having a look around right now!
Re:Boxen.. (Score:3, Funny)
Another of my favorites:
"I before E except after C
and when sounding like A as in neighbor and weigh
or on weekends or holidays or all throughout May
and you'll always be wrong no matter what you say!"
He's a very funny comic. There's a fan site that's worth checking out too. [brian-regan.com]
Re: Human Error (Score:3, Funny)
Re:Human Error (Score:3, Funny)
Brian Regan (Score:2, Funny)
Erwin: "Oxen. The farmer used his oxen."
Teacher: "Brian!"
Brian: "Whaaaat?"
Teacher: "What's the plural for Box?"
Brian: "Boxen. I bought two boxen of doughnuts."
Teacher: "No, Brian, you're an idiot."
Teacher: "Let's try another one. Erwin, what's the plural for goose?"
Erwin: "Geese. I saw a flock of geese."
Teacher: "Brian!"
Brian: "Whaaaat?
Teacher: "Brian, what's the plural for Moose?"
Brian: "Moosen! I saw a flock of moosen! There... there were many of them. Many much of them. Many much moosen. They were out in the woods... in the woodsen! They were eating grass... greese! The meese were eating greese in the woodsen! They were looking for the foodis to eatinisit! out in the woodingenis... in the woodenis... in the woodingenisenisen!
Teacher: "Brian, you're an imbecile."
Brian: "Imbecilen!"
Re:One recommendation (Score:4, Funny)
Re:Human Error (Score:1, Funny)
Re:So much for unbiased Slashdot (Score:5, Funny)
Re:Diebold, take note (Score:2, Funny)
Re:Brian Regan (Score:3, Funny)
Defeat binary evil! (Score:2, Funny)
So if we run Linux on Sparc, and Solaris on x86, we're safe!