Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 17
Just a quick heads up here to let you all know that there has been a security breach at kernel.org : Kernel.org Server Rooted and 448 users credentials compromised ~ ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733

    Kernel.org Server Compromised


    Just a quick heads up here to let you all know that there has been a security breach at kernel.org:

    Kernel.org Server Rooted and 448 users credentials compromised ~ THN : The Hacker News

    Additional details can be found at the kernel.org website (scroll down to the Site News section):

    https://www.kernel.org/
    oz

  2. #2
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    I saw that on LXer earlier but only skimmed the article. It seems they do not think the repos were affected. Other good news to the story.
    “For each of the nearly 40,000 files in the Linux kernel, a cryptographically secure SHA-1 hash is calculated to uniquely define the exact contents of that file,” the statement explained. “Once it is published, it is not possible to change the old versions without it being noticed.”
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.

  3. #3
    Linux Guru Lakshmipathi's Avatar
    Join Date
    Sep 2006
    Location
    3rd rock from sun - Often seen near moon
    Posts
    1,757

    Wink kernel.org compromised ..linus is on github !

    You may be interested in reading this -
    https://lwn.net/Articles/457539/
    and his profile here https://github.com/torvalds/
    First they ignore you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
    -----
    FOSS India Award winning ext3fs Undelete tool www.giis.co.in. Online Linux Terminal http://www.webminal.org

  4. #4
    Blackfooted Penguin daark.child's Avatar
    Join Date
    Apr 2006
    Location
    West Yorks
    Posts
    4,393
    It must be a bit embarrassing for the site admins, but its a good that the source code was not compromised.

  5. #5
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    A number of their servers have been down for days... maybe even more than a week, now. They must be doing some serious revamping to keep them down so long.
    oz

  6. #6
    Blackfooted Penguin daark.child's Avatar
    Join Date
    Apr 2006
    Location
    West Yorks
    Posts
    4,393
    While the site is being revamped, the source code is available at Github.

  7. #7
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Thanks, daark.child!

    Their's will probably be some of the safest mirrors available once they've finished cleaning things up and go on-line again. I had been using them for my Arch package upgrades but had to find another good source after the compromise and the mirrors were taken off-line. Probably will start using them again, though.
    oz

  8. #8
    Linux Guru Lakshmipathi's Avatar
    Join Date
    Sep 2006
    Location
    3rd rock from sun - Often seen near moon
    Posts
    1,757
    linux.com and linuxfoundation both are down. Seems like the crackers made a severe damage.
    First they ignore you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
    -----
    FOSS India Award winning ext3fs Undelete tool www.giis.co.in. Online Linux Terminal http://www.webminal.org

  9. #9
    Guest
    Join Date
    Feb 2005
    Posts
    312
    http://www.linux.com/
    Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.

    We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.

    We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.

    Please contact us at info@linuxfoundation.org with questions about this matter.

    The Linux Foundation


    *** UPDATE***

    We want to thank you for your questions and your support. We hope this FAQ can help address some of your inquiries.

    Q: When will Linux Foundation services, such as events, training and Linux.com be back online?

    Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.

    Q: Were passwords stored in plaintext?

    The Linux Foundation does not store passwords in plaintext. However an attacker with access to stored password would have direct access to conduct a brute force attack. An in-depth analysis of direct-access brute forcing, as it relates to password strength, can be read at Schneier on Security: Choosing Secure Passwords. We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites.

    Q: Does my Linux.com email address work?

    Yes, Linux.com email addresses are working and safe to use.

    Q: What do you know about the source of the attack?

    We are aggressively investigating the source of the attack. Unfortunately, we can't elaborate on this for the time being.

    Q: Is there anything I can do to help?

    We want to thank everyone who has expressed their support while we address this breach. We ask you to be patient as we do everything possible to restore services as quickly as possible.
    Just a guess but, most likely credentials which were compromised at kernel.org were also reused on those servers...

  10. #10
    Linux Enthusiast cousinlucky's Avatar
    Join Date
    Dec 2005
    Location
    New York City
    Posts
    676
    I have to admit that my first thought was that this was a microsoft attack on linux!!
    PCLinuxOS Gnome and PCLinuxOS Mate
    Linux user # 414321
    You Should Not Give In To Evils, But Proceed Ever More Boldly Against Them!! -from book six of Virgil's Aeneid
    Everything Within The Universe Is Related; We Are All Cousins!!

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •