Login
Любителям Ubuntu посвящается...
414 просмотров
Перейти к просмотру всей ветки
Свежачок-с (меньше месяца):
The open-source Ubuntu project shut down on Saturday five of eight community-run servers that the group sponsors, after attacks were detected emanating from the computers.
...
The Ubuntu project, which manages the popular Linux distribution, received reports of the attacks on Monday, August 6, and proceeded to take the servers offline. The servers were running an older version of the Ubuntu Linux operating system, making several software packages vulnerable to known flaws.
Оригинал статьи тут: http://www.securityfocus.com/brief/570
Из официального объяснения (https://lists.ubuntu.com/archives/loco-contacts/2007-August/001510.html)
How did this happen
-------------------
Unfortunately:
a) the servers, especially zambezi were running an incredible
amount of web software (over 15 packages[1] that we recognised)
and
of all the ones where it's trivial to determine a version, they
were without exception out-of-date and missing security patches.
An attacker could have gotten a shell through almost any of
these sites.
b) FTP (not sftp, without SSL) was being used to access the
machines, so an attacker (in the right place) could also have
gotten access by sniffing the clear-text passwords.
c) The servers have not been upgraded past breezy due to problems
with the network card and later kernels. This probably allowed
the attacker to gain root.
Интересно послушать тех, кто продолжает утверждать, что использование удаленных уязвимостей в линухе - это сферический конь в вакууме
The open-source Ubuntu project shut down on Saturday five of eight community-run servers that the group sponsors, after attacks were detected emanating from the computers.
...
The Ubuntu project, which manages the popular Linux distribution, received reports of the attacks on Monday, August 6, and proceeded to take the servers offline. The servers were running an older version of the Ubuntu Linux operating system, making several software packages vulnerable to known flaws.
Оригинал статьи тут: http://www.securityfocus.com/brief/570
Из официального объяснения (https://lists.ubuntu.com/archives/loco-contacts/2007-August/001510.html)
How did this happen
-------------------
Unfortunately:
a) the servers, especially zambezi were running an incredible
amount of web software (over 15 packages[1] that we recognised)
and
of all the ones where it's trivial to determine a version, they
were without exception out-of-date and missing security patches.
An attacker could have gotten a shell through almost any of
these sites.
b) FTP (not sftp, without SSL) was being used to access the
machines, so an attacker (in the right place) could also have
gotten access by sniffing the clear-text passwords.
c) The servers have not been upgraded past breezy due to problems
with the network card and later kernels. This probably allowed
the attacker to gain root.
Интересно послушать тех, кто продолжает утверждать, что использование удаленных уязвимостей в линухе - это сферический конь в вакууме
If something sounds too good to be true, it probably is (с)