View Single Post
  #1   (View Single Post)  
Old 7th November 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,503
Default Certificate issuing stopped at KPN after server break-in discovered

From http://h-online.com/-1372339

Quote:
The certificate authority (CA) belonging to KPN Corporate Market, a subsidiary of Dutch telecommunications provider KPN, has announcedDutch language link that it has stopped issuing Secure Socket Layer (SSL) certificates because hackers bypassed the CA's security mechanisms and compromised one of its servers. When performing a thorough review that was prompted by other recent Certificate Authority break-ins, the CA discovered programs which are used for DDOS attacks on other computers. The evidence discovered so far indicates that the break-in at KPN happened four years ago and has remained undetected since then.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote