nsane.forums Posted September 1, 2011 Share Posted September 1, 2011 The site hosting the Linux kernel was reportedly hacked last week, though admins have reassured users the kernel itself remains absolutely safe.Kernel.org, home of the Linux kernel source code, was reportedly the victim of a security breach last week. According to ReadWriteWeb and a note on the kernel.org homepage, an unknown intruder or intruders gained root access to the site's main server, known as Hera, as well as a number of other servers. They made a number of changes to files related to SSH services, added a trojan to startup scripts on a number of systems and logged some user interactions with the breached servers. The upshot, however, is this: there is apparently next to no chance the Linux kernel itself was compromised by the attack, which was discovered on August 28. According to the site note, that's because each of the nearly 40,000 files within the kernel are protected by a secure SHA-1 hash every time a file is modified. Any changes made by a hacker or hackers would be immediately apparent to the site's administrators, developers and members, though a check is still underway on each and every file to ensure nothing has been modified. As for how the attack occurred, the leading theory at the moment is that a user's login credentials were stolen, though how the attacker gained root access is still under investigation. In the meantime, all compromised servers have been taken offline and all kernel.org servers will be reimaged to a known safe backup. Authorities in the United States and Europe have also been notified of the attack. While the breach is likely to result in more than a few headaches for the site's administrators, it is unlikely to have any serious ramifications for the Linux community beyond a reminder that while no security system is entirely secure, a well-designed backup system can often save the day. View: Original Article Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.