[GLLUG] Free BSD

Ex Fed exfed at hotmail.com
Tue Nov 20 17:44:54 EST 2012


I saw this out on Sans News Bytes:

--FreeBSD Servers Compromised
(November 17 & 19, 2012)
Users who have installed software packages through the FreeBSD Project
since September 19 should completely reinstall their machines, as
hackers have compromised two of the Project's servers. The intrusions
were detected on November 11, and those machines have been taken offline
so they could be analyzed. FreeBSD also took a number of other machines
offline as a precaution. The compromise affected the collection of
third-party software packages distributed by the FreeBSD Project. An
audit of the FreeBSD basic system found that the operating system's
kernel, system libraries, complier, and core command-line tools were not
affected. The organization's security team believes the intruders gained
access to the servers using a SSH authentication key that was stolen
from a developer. Because of the intrusion, the integrity of packages
that were available for installation between September 19, 2012, and
November 11, 2012 is called into question.
http://www.computerworld.com/s/article/9233822/Hackers_break_into_two_FreeBSD_Project_servers_using_stolen_SSH_keys?taxonomyId=17
http://www.h-online.com/security/news/item/Hackers-obtained-access-to-FreeBSD-servers-1752060.html


Lee D.
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.egr.msu.edu/mailman/public/linux-user/attachments/20121120/6784f6ba/attachment.html>


More information about the linux-user mailing list