Intrusion on GNOME Web Server

GNOME

We've discovered evidence of an intrusion on the server
hosting www.gnome.org and other gnome.org websites.
After some research, we've found it unlikely that any GNOME
sources on our FTP site or source code repository have been
affected.

A number of services have been restored on a replacement
machine. Updates will be posted to the gnome-announce-list,
and found in our archives.

A quick status update on the situation:

* No additional damage has been discovered; at the current
time we are cautiously hopeful that the compromise was
limited in scope.

* ftp.gnome.org is back on now that we have additional
confidence in the integrity of the tarballs.

* We've now restored a number of services running on a
replacement machine:

- Websites including www.gnome.org, and developer.gnome.org
are back up in limited service; dynamic content is still
off so some parts may be inaccessible.

- planet.gnome.org is again providing all your favorite
blogs and gossip.

- Bugzilla is in testing mode; we hope to restore general
access in the next day.

Thanks for your patience; we'll continue to provide updates
as we move back to fully operational status.

Re: Intrusion on GNOME Web Server

This makes a lot of sense.. a development server offline as it were, then on a discovered intrusion, simply rsync it over or something..

The question, however, is how to get it from that server to the web one without connecting it; how does one ensure that while it's connected it's not compromised or whatever?

Another alternative is to have a machine (provided it can be physically reached by someone) and place a CD-ROM in it, off which the files are served; then no matter the compromise, the files cannot be altered as they are read-only.

I know this is a fair hardware overhead, but it would mean that the files are guaranteed - provided the physical security of the machine was certain.