[glug-t] Some Debian Servers Compromised!

• From: "GLUG -T" <glug_t@xxxxxxxxxxxxx>
• To: glug_t@xxxxxxxxxxxxx
• Date: Sat, 22 Nov 2003 00:19:29 +0800

An unfortunate thing happened today morning, just when they were going to 
announce Debian 3.0r2. The following GPG signed information was posted on the 
debian-announce mailing list by Martin Schulze. It is very unfortunate that 
crackers choose such community driven efforts for attacks.

Looking at the brighter side, it will atleast teach people to differentiate 
between hackers and crackers.

---------------------

Some Debian Project machines have been compromised

This is a very unfortunate incident to report about.  Some Debian
servers were found to have been compromised in the last 24 hours.

The archive is not affected by this compromise!

In particular the following machines have been affected:

  . master (Bug Tracking System)
  . murphy (mailing lists)
  . gluck (web, cvs)
  . klecker (security, non-us, web search, www-master)

Some of these services are currently not available as the machines
undergo close inspection.  Some services have been moved to other
machines (www.debian.org for example).

The security archive will be verified from trusted sources before it
will become available again.

Please note that we have recently prepared a new point release for
Debian GNU/Linux 3.0 (woody), release 3.0r2.  While it has not been
announced yet, it has been pushed to our mirrors already.  The
announcement was scheduled for this morning but had to be postponed.
This update has now been checked and it is not affected by the
compromise.

We apologise for the disruptions of some services over the next few
days.  We are working on restoring the services and verifying the
content of our archives.

-----------------------------

-- 
______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org 
This allows you to send and receive SMS through your mailbox.


Powered by Outblaze
---------------------------------------------------------------
To unsubscribe send a mail to glug_t-request@xxxxxxxxxxxxx with 
'unsubscribe' as subject.

Website: http://glugt.linuxisle.com

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription