AOH :: ISN-2718.HTM

Debian server hacked

Debian server hacked
Debian server hacked,2000061744,39263270,00.htm 

By Renai LeMay
ZDNet Australia
13 July 2006

The Debian GNU/Linux project today admitted a hacker had compromised one 
of its internal servers.

"Early this morning we discovered that someone had managed to compromise," Debian developer James Troup wrote in an e-mail to the 
Debian community shortly before 4am AEST.

"We've taken the machine offline and are preparing to reinstall it," Troup 
continued, noting a number of key services were currently offline as a 

The developer said Debian had initiated a security lock-down on most of 
its other servers, enforcing limited access to the resources.

"We're still investigating exactly what happened and the extent of the 
damage. We'll post more info as soon as we reasonably can," Troup said.

Troup added Debian would commence securing its other servers from "what we 
suspect is the exploit used to compromise gluck".

The embarassing security breach is not the first for Debian.

In November 2003 several of Debian's servers were similarly compromised 
and pulled offline. Troup was also one of the key developers investigating 
that incident.

ZDNet Australia has requested comment from the Debian Project about this 
morning's security breach.

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches. 

Site design & layout copyright © 1986-2015 CodeGods