Post Reply 
Evidence of unauthorized access found on FreeBSD servers
Author Message
whjms
EpiCanadian

Posts: 435.1825
Threads: 126
Joined: 23rd Dec 2008
Reputation: 3.37413
E-Pigs: 24.8045
Offline
Post: #1
Evidence of unauthorized access found on FreeBSD servers
[Image: logoredi.png]
Source: FreeBSD.org
security-officer@FreeBSD.org Wrote:On Sunday 11th of November, an intrusion was detected on two machines within the FreeBSD.org cluster. The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution.

Wee have found no evidence of any modifications that would put any end user at risk. However, wee do urge all users to read the report available at http://www.freebsd.org/news/2012-compromise.html and decide on any required actions themselves. Wee will continue to update that page as further information becomes known. Wee do not currently believe users have been affected given current forensic analysis, but wee will provide updated information if this changes.

As a result of this event, a number of operational security changes are being made at the FreeBSD Project, in order to further improve our resilience to potential attacks. Wee plan, therefore, to more rapidly deprecate a number of legacy services, such as cvsup distribution of FreeBSD source, in favour of our more robust Subversion, freebsd-update, and portsnap models.

More information is available at http://www.freebsd.org/news/2012-compromise.html

Even when you're using some of the world's most secure server infrastructure, you still can't account for the human element.
18/11/2012 07:31 PM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,023.4213
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.0333
Offline
Post: #2
RE: Evidence of unauthorized access found on FreeBSD servers
Most intrusions are because someone stuffed up somewhere.

SSH keys aren't the easiest things to leak, although I suppose there's a number of possibilities that could've caused it so.  I suppose the key wasn't password protected?  (I personally don't bother with password protecting SSH keys)
19/11/2012 12:04 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

 Quick Theme: