[glug-t] Yet another server compromised

On December 1st, 2003, we discovered that the "Savannah" system, which is 
maintained by the Free Software Foundation and provides CVS and development 
services to the GNU project and other Free Software projects, was compromised 
circa November 2nd, 2003. 

The compromise seems to be of the same nature as the recent attacks on Debian 
project servers; the attacker seemed to operate identically. However, this 
incident was distinctly different from the modus operandi we found in the 
attacks on our FTP server in August 2003. We have also confirmed that an 
unauthorized party gained root access and installed a root-kit ("SucKIT") on 
November 2nd, 2003. 

In the interest of continuing cooperation and in helping to improve security 
for all essential Free Software infrastructure, and despite important 
philosophical differences, we are working closely with Debian project members 
to find the perpetrators and to secure essential Free Software infrastructure 
for the future. We hope to have future joint announcements that discuss a 
unified strategy for addressing these problems. 

For the moment, we are installing replacement hardware for the Savannah system, 
and we will begin restoring the Savannah software this week. Initially, there 
will be some security-related changes which may be inconvenient for our 
developers. We will try to ease these as we find secure ways to do so. We are 
in particular researching ways to ensure secured authentication of the source 
code trees stored on the system. 

We will send more detailed announcements about efforts to verify the 
authenticity of the source code hosted on Savannah, and how the community can 
help in that effort once we've brought the system back online. 

We hope to have at least minimal services back up by Friday 5 December 2003.
