Free software repository brought down in hack attack

Free software repository brought down in hack attack
Free software repository brought down in hack attack 

By Dan Goodin in San Francisco
The Register
1st December 2010

The main source-code repository for the Free Software Foundation has 
been taken down following an attack that compromised some of the 
website's account passwords and may have gained unfettered 
administrative access.

The SQL-injection attacks on GNU Savannah exploited holes in Savane, the 
open-source software hosting application that was spun off from 
SourceForge, Matt Lee, a campaigns manager for the Free Software 
Foundation, told The Register. The attackers were then able to obtain 
the entire database of usernames and hashed passwords, some of which 
were decrypted using brute-force techniques.

Project managers took GNU Savannah offline on Saturday, more than 48 
hours after the attack occurred. They expect to bring the site back 
online on Wednesday, although they're not guaranteeing it will be fully 
functional. Out of an abundance of caution, restored data will come from 
a backup made on November 24, prior to the compromise. Lee said there's 
no reason to believe any of the source code hosted on the site was 
affected by the breach.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure. 

Site design & layout copyright © 1986-2015 CodeGods