View Single Post
  #1   (View Single Post)  
Old 31st January 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default SourceForge applies global password reset after hack attack

From http://www.theregister.co.uk/2011/01...hack_response/

Quote:
Open-source code repository SourceForge has advised users to change their passwords following a concerted hacking attack.

The attack, launched last Wednesday, targeted developer infrastructure and involved the compromise of SourceForge.net servers. SourceForge detected the attack and quickly disabled CVS, ishell, file uploads, and project web updates as a precaution against deeper compromise.

The open-source outfit reckons it nipped the attack before it got very far. However, analysis of server logs after the attack revealed that an SSH daemon had been modified to carry out a password-sniffing attack.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote