Re: Debian servers "hacked"?

To: Bueno <bueno@hal.vu>
Cc: thomas@northernsecurity.net, debian-security@lists.debian.org
Subject: Re: Debian servers "hacked"?
From: Jan Wagner <waja@gmx.de>
Date: Fri, 21 Nov 2003 14:15:58 +0100
Message-id: <[🔎] 200311211415.58153.waja@gmx.de>
In-reply-to: <[🔎] 20031121125822.GH4429@alucicrazy.tacnet.com.br>
References: <[🔎] 20031121113850.GA23698@northernsecurity.net> <[🔎] 200311211313.35160.waja@gmx.de> <[🔎] 20031121125822.GH4429@alucicrazy.tacnet.com.br>

On Friday 21 November 2003 13:58, Bueno wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - ------------------------------------------------------------------------
> The Debian Project                                http://www.debian.org/
> Some Debian Project machines compromised                press@debian.org
> November 21st, 2003
> - ------------------------------------------------------------------------
> 
> Some Debian Project machines have been compromised
> 
> This is a very unfortunate incident to report about.  Some Debian
> servers were found to have been compromised in the last 24 hours.
> 
> The archive is not affected by this compromise!
> 
> In particular the following machines have been affected:
> 
>   . master (Bug Tracking System)
>     . murphy (mailing lists)
>       . gluck (web, cvs)
>         . klecker (security, non-us, web search, www-master)
> 
> 	Some of these services are currently not available as the
> 	machines
> 	undergo close inspection.  Some services have been moved to
> 	other
> 	machines (www.debian.org for example).
> 
> 	The security archive will be verified from trusted sources
> 	before it
> 	will become available again.
> 
> 	Please note that we have recently prepared a new point release
> 	for
> 	Debian GNU/Linux 3.0 (woody), release 3.0r2.  While it has not
> 	been
> 	announced yet, it has been pushed to our mirrors already.  The
> 	announcement was scheduled for this morning but had to be
> 	postponed.
> 	This update has now been checked and it is not affected by the
> 	compromise.
> 
> 	We apologise for the disruptions of some services over the next
> 	few
> 	days.  We are working on restoring the services and verifying
> 	the
> 	content of our archives.
> 
> 
> 	Contact Information
> 	- -------------------
> 
> 	For further information, please visit the Debian web pages at
> 	<http://www.debian.org/> or send mail to <press@debian.org>.
> 	-----BEGIN PGP SIGNATURE-----
> 	Version: GnuPG v1.2.3 (GNU/Linux)
> 
> 	iD8DBQE/vfsJW5ql+IAeqTIRApjYAJ4v6QK07nyNNyBCvsosorej3cwMHACfZcLt
> 	PwFJYJu8w1rU64Z82ddF6LY=
> 	=If2b
> 	-----END PGP SIGNATURE-----
> 
> 
> 
> On (21/11/03 13:13), Jan Wagner wrote:
>
> > On Friday 21 November 2003 12:38, Thomas Sjögren wrote:
> >
> > > Anyone to shed some light over this?
> > >
> > > "Someone has cracked all the servers of the Debian Project. There has
> > > been a severe security mishap and guys should uninstall all stuff
> > > downloaded and installed in the past 2 days. Please do not apt-get
> > > anything right now! Please wait till an `official' release happens!"
> > > http://article.gmane.org/gmane.linux.debian.user/117910
> > >
> > > Server security mishap - you think?!
> >
> > 
> > http://luonnotar.infodrom.org/~joey/debian-announce.txt

Seems you didn´t read this.

Regard, Jan.

Reply to:

Follow-Ups:
- Re: Debian servers "hacked"?
  - From: Bueno <bueno@hal.vu>

References:
- Debian servers "hacked"?
  - From: Thomas Sjögren <thomas@northernsecurity.net>
- Re: Debian servers "hacked"?
  - From: Jan Wagner <waja@gmx.de>
- Re: Debian servers "hacked"?
  - From: Bueno <bueno@hal.vu>

Prev by Date: Re: Debian servers "hacked"?
Next by Date: Re: Debian servers "hacked"?
Previous by thread: Re: Debian servers "hacked"?
Next by thread: Re: Debian servers "hacked"?
Index(es):
- Date
- Thread