DaemonForums  

Go Back   DaemonForums > Other Operating Systems > Other BSD and UNIX/UNIX-like

Other BSD and UNIX/UNIX-like Any other flavour of BSD or UNIX that does not have a section of its own.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 22nd August 2008
tanked tanked is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 56
Thanked 1 Time in 1 Post
Default Red Hat servers compromised

https://www.redhat.com/archives/fedo.../msg00012.html
Reply With Quote
  #2   (View Single Post)  
Old 22nd August 2008
corey_james corey_james is offline
Uber Geek
 
Join Date: Apr 2008
Location: Brisbane, Australia
Posts: 238
Thanked 4 Times in 10 Posts
Default

What is the point of this post ?

don't post links for no reason - it's irritating for everyone
__________________
"No, that's wrong, Cartman. But don't worry, there are no stupid answers, just stupid people." -- Mr. Garrison

Forum Netiquette
Reply With Quote
  #3   (View Single Post)  
Old 22nd August 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
Spam Deminer
 
Join Date: Apr 2008
Location: NYC
Posts: 302
Thanked 31 Times in 25 Posts
Default

Tanked, the best way to do it might have been a less sensational title in the Linux section. Something like RedHat servers apparently compromised, which is a more accurate assessment. Then, the link becomes useful for those who use RH servers at work or home.

For you CentOS folks, there is a thread on their forums, the CentOS developers are checking as I type. Things seems OK (actually, this is the public stance for RH and Fedora as well).
At any rate, I would far rather they were overly cautious about it rather than overly nochalant.

As Corey_James pointed out, however, with a fairly sensationalist title and a link with no comment, it makes us look like the National Enquirer. (For those outside of the US, that's one of the well-know papers that will print the articles about seeing Elvis on a space ship. For those really young ones, Elvis doesn't refer to the default Slack and Deb version of vi, it refers to a well known performer who died several years ago.)
Reply With Quote
  #4   (View Single Post)  
Old 23rd August 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,141
Thanked 182 Times in 149 Posts
Default

Moved from Off-topic section to Linux section
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #5   (View Single Post)  
Old 23rd August 2008
revzalot's Avatar
revzalot revzalot is offline
Shell Scout
 
Join Date: May 2008
Posts: 123
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by scottro View Post

For you CentOS folks, there is a thread on their forums, the CentOS developers are checking as I type. Things seems OK (actually, this is the public stance for RH and Fedora as well).
At any rate, I would far rather they were overly cautious about it rather than overly nochalant.
I've posted a couple of threads at the home site forum but it's not that busy. Do you have an alternative forum for Centos where it's active such as this forum?
Reply With Quote
  #6   (View Single Post)  
Old 23rd August 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
Spam Deminer
 
Join Date: Apr 2008
Location: NYC
Posts: 302
Thanked 31 Times in 25 Posts
Default

Fedora, perhaps. There, the issue was slightly different though, I don't quite remember all the details.

CentOS is a small and slow forum. A lot of folks go to Fedora for forums instead. Of course, there's a lot of noise, and I confess I'm often part of it--at present, a bunch of us have a thread going, playing a Japanese word game, although at least some are using Fedora to enter their selection.

Still, it's a nice community, and you can often get CentOS help there too. Despite the noise, there are some knowledgeable folks around.
Reply With Quote
  #7   (View Single Post)  
Old 24th August 2008
drhowarddrfine drhowarddrfine is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 358
Thanked 9 Times in 8 Posts
Default

Some Windows people are trumping it as proof of their manhood over Linux. Not that the intrusion isn't bad but wasn't this something along the lines of "we saw and caught a leak but fixed it well before the dam broke"? Or maybe someone can word it better? Or was this as bad as they're making it out to be?
Reply With Quote
  #8   (View Single Post)  
Old 24th August 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
Spam Deminer
 
Join Date: Apr 2008
Location: NYC
Posts: 302
Thanked 31 Times in 25 Posts
Default

I believe you're right, that they caught it before it did much damage. However they're being rather quiet about it, while they investigate. Judging from the official announcements, anyway, it seems as if it was nipped in the bud.

As for Windows folks, that's kind of a glass house of cards to mix metaphors.
Reply With Quote
  #9   (View Single Post)  
Old 24th August 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

tanked, thanks for the heads up. Not very specific, but it's a good reminder that while some OSes have better immune systems than others, in the end everyone is at risk. (Security in layers...!)
__________________
Kill your t.v.
Reply With Quote
Old 24th August 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
Spam Deminer
 
Join Date: Apr 2008
Location: NYC
Posts: 302
Thanked 31 Times in 25 Posts
Default

anomie, I believe you use CentOS rather than RH, correct? They have their own repos and are doing their own checking. It's on their forums somewhere.
http://www.centos.org/modules/newbb/...15921&forum=42

Looks like they're probably OK.
Reply With Quote
Old 25th August 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

I primarily use RHEL at work and CentOS at home. Thanks for the URL. It's certainly piqued my curiosity.
__________________
Kill your t.v.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mirrored file servers stukov FreeBSD General 2 21st May 2009 01:22 PM
See processes on other servers? biscuits FreeBSD General 2 20th January 2009 04:15 AM
About Dedicated Servers qmemo Off-Topic 7 4th September 2008 02:15 PM
Bandwidth needed for internet servers? JMJ_coder General software and network 10 2nd September 2008 02:15 AM
Apache on two servers but one public IP marco64 General software and network 2 4th June 2008 07:29 PM


All times are GMT. The time now is 01:08 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick