hackad debian :s
Postat: 13 jul 2006, 19:20
The Debian GNU/Linux project has admitted in a press release today that a hacker had compromised one of their internal servers.
Debian developer James Troup wrote in an e-mail addressed to the Debian community, shortly before 4am AEST: "Early this morning we discovered that someone had managed to compromise gluck.debian.org. We've taken the machine offline and are preparing to reinstall it. This means the following debian.org services are currently offline: cvs, ddtp, lintian, people, popcon, planet, ports, release.
Based on the results of our initial investigation we've locked down most other debian.org machines, limiting access to DSA only, until they can be fixed for what we suspect is the exploit used to compromise gluck."
James Troup said that he has initiated a security lock-down on most of Debian project’s other servers, enforcing limited access to the resources, as a precaution measure.
The embarassing security breach is not the first for Debian, as in November 2003 several of Debian's servers were similarly compromised and pulled offline. James Troup was also one of the people who investigated that incident.
We remind everyone that Debian Operating System is an association of individuals who have made common cause to create a free operating system. Among other versions of Linux, Debian is fairly unique, since unlike most distributions it isn't backed by any for profit venture and instead is an all volunteer organization. There is no for profit company, or business plan behind Debian, it is a wide ranging project along the lines of GNU.
Debian developer James Troup wrote in an e-mail addressed to the Debian community, shortly before 4am AEST: "Early this morning we discovered that someone had managed to compromise gluck.debian.org. We've taken the machine offline and are preparing to reinstall it. This means the following debian.org services are currently offline: cvs, ddtp, lintian, people, popcon, planet, ports, release.
Based on the results of our initial investigation we've locked down most other debian.org machines, limiting access to DSA only, until they can be fixed for what we suspect is the exploit used to compromise gluck."
James Troup said that he has initiated a security lock-down on most of Debian project’s other servers, enforcing limited access to the resources, as a precaution measure.
The embarassing security breach is not the first for Debian, as in November 2003 several of Debian's servers were similarly compromised and pulled offline. James Troup was also one of the people who investigated that incident.
We remind everyone that Debian Operating System is an association of individuals who have made common cause to create a free operating system. Among other versions of Linux, Debian is fairly unique, since unlike most distributions it isn't backed by any for profit venture and instead is an all volunteer organization. There is no for profit company, or business plan behind Debian, it is a wide ranging project along the lines of GNU.
