Jim Kissel wrote:
> alan c wrote:
>>   Ubuntu Servers Hacked
>> http://it.slashdot.org/article.pl?sid=07/08/15/1341224
>> If this is true it is pretty sad. It will take some time for 
>> confidence to be regained. What a gift (or a result?) for the opposition!
> It was a case of self-inflicted injuries.  Using FTP instead of sFTP or 
> SCP.  Not keeping their machines up to date.
> The only redeeming aspect is none of the machines that were compromised 
> were repositories!
>> I was recently trying to reduce my ignorance about security by asking 
>> questions about security, and on the ubuntu forums I had asked a 
>> couple of questions about security which were apparently so tiresome 
>> that they were immediately sidelined into a dead thread!
> What questions?

Very similar to the questions I floated past yourself last week. How 
to come to terms with sudo compromise, or avoid or harden against it. 
Or in fact how to discover it has happened.  Logically the questions 
would have led to an assessment of risk of 'trusted' software - 
repositories etc, although it was cut short as 'flogging a dead horse'.

The comments and answers you kindly offered (thanks!) were excellent 
in addressing various actions for an increasing level of assurance of 
security, should one wish it.

I am attracted to the idea of at some time, posting on the same forum 
an edited version of your comments as an answer to my satisfied needs 
for knowledge, because it seemed to me that a number of others similar 

The standard answer of 'use only trusted software' is a good initial 
answer but even novices know life is not so simple, and knowledge of 
further courses of action helps, to set a perspective.
alan cocks
Kubuntu user#10391

