Has this been resolved?
Tommy Trussell
tommy.trussell at gmail.com
Sun Aug 19 03:41:44 UTC 2007
On 8/18/07, John Dangler <jdangler at terremark.com> wrote:
>
> Does anyone know if this has been resolved?
> Was their any residual fallout from it?
>
> http://www.securityfocus.com/brief/570?ref=rss
>
The article links to a post on a loco mailing list, and there are
several follow-ups to that post. I believe (from reading those posts
and discussion elsewhere) the problem was that the loco groups were
running outdated unsupported versions of Ubuntu and non-patched
versions of server software. The Ubuntu versions had not been updated
because of hardware incompatibility issues, I believe.
Unfortunately, loco members were accessing the boxes using plain
insecure ftp, and the boxes had been compromised by root access.
The "residual fallout" was that the servers were moved from a
non-Canonical leased facility in the US and the services supported by
them are being restored onto properly secured and managed servers.
More information about the ubuntu-users
mailing list