»
 

Go Back   ResellerRatings Store Ratings > ResellerRatings Forums > Tech Support
***DEBIAN USERS READ THIS*** ***DEBIAN USERS READ THIS***
Register FAQ Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
Old 11-21-2003, 08:16 AM   #1 (permalink)
Registered User
 
pbharris's Avatar
 
Join Date: Oct 2001
Location: Chicago, IL
Posts: 2,403
pbharris is on a distinguished road
Send a message via ICQ to pbharris Send a message via AIM to pbharris Send a message via Yahoo to pbharris
***DEBIAN USERS READ THIS***
It seems the debian server infrastructure has been comprised. Do not apt-get anything from the official security servers right now. And take a very close look at anything that you installed from there during the last 2 days. Here's the official announcement:

http://cert.uni-stuttgart.de/files/f...y-20031121.txt

__________________
I don't use Linux because I hate Windows (which I do) I use Linux because I like it.
play mtrek! telnet://mtrek.com:23
Odds are very good there are several spelling mistakes in this post.
pbharris is offline   Reply With Quote
Old 11-21-2003, 08:56 AM   #2 (permalink)
Registered User
 
Praetorian's Avatar
 
Join Date: Oct 2001
Location: Yuma, AZ
Posts: 2,484
Praetorian is on a distinguished road
Send a message via ICQ to Praetorian Send a message via AIM to Praetorian Send a message via Yahoo to Praetorian


Poor Debian. Is it okay for me to apt-get crap if I'm using Sid? I'd assume it was since I don't use the security servers anyhow. Oh well, I'll do it anyway and see what happens.

Good luck Debian!
Praetorian is offline   Reply With Quote
Old 11-21-2003, 09:10 AM   #3 (permalink)
Registered User
 
Join Date: Oct 2001
Location: Lake Helen, FL
Posts: 3,492
TOAD6147 is on a distinguished road
Send a message via ICQ to TOAD6147 Send a message via AIM to TOAD6147
Quote:
...debian server infrastructure has been comprised.
What exactly do they mean by "compromised"?
TOAD6147 is offline   Reply With Quote
Old 11-21-2003, 10:22 AM   #4 (permalink)
Registered User
 
jkrohn's Avatar
 
Join Date: Oct 2001
Location: Champaign, IL
Posts: 3,253
jkrohn is on a distinguished road
Send a message via ICQ to jkrohn Send a message via AIM to jkrohn Send a message via Yahoo to jkrohn
MEaning the machines have been comprimised. Meaning that someone had complete unauthorized access and it is unsure what they did. Could be nothing, could be inserting backdoors into packages. Unknown.

It should still be perfectly fine to use apt-get though.

Quote:

In particular the following machines have been affected:

. master (Bug Tracking System)
. murphy (mailing lists)
. gluck (web, cvs)
. klecker (security, non-us, web search, www-master)

Some of these services are currently not available as the machines
undergo close inspection. Some services have been moved to other
machines (www.debian.org for example).

The security archive will be verified from trusted sources before it
will become available again.
Jkrohn
__________________
Jkrohn
Last edited by jkrohn; 11-21-2003 at 10:58 AM.
jkrohn is offline   Reply With Quote
Old 11-22-2003, 03:45 AM   #5 (permalink)
Registered User
 
lynchmob's Avatar
 
Join Date: Oct 2001
Location: Mid-Atlantic
Posts: 1,361
lynchmob is on a distinguished road
I just did a test install of the Debian-based distro called Mepis.It's a Live-on-CD that can be installed to a hard drive from the KDE desktop,which was the main reason I installed it to a spare drive tray I had:I wanted to see how ithe install went without having to leave X.
Anyway,not knowing about the servers being hacked on at Debian,I ran apt-get update; it updated about 3-4 MB of stuff but would not install any security-related updates.It said to run apt-get update at a later time.
So I guess I might have a little lab rat on my hands
lynch
__________________
Seldom right,but never in doubt...
lynchmob is offline   Reply With Quote
Old 11-22-2003, 03:56 AM   #6 (permalink)
Registered User
 
nochay's Avatar
 
Join Date: Aug 2002
Location: Las Vegas NV USA
Posts: 477
nochay is on a distinguished road
Send a message via ICQ to nochay Send a message via AIM to nochay Send a message via Yahoo to nochay
could this have been something SCO did? Seriously. They are pretty petty.

I hope debian is okay Hang in there.

Dane
__________________
Seti@Home Work Unit Processor
Member Of Team Art Bell

2 Computers Processing The Units:

HP Pavilion 8276
300 MHZ Pentium II Processor
256 Megs Of Ram

Dell Optiplex GX1
350 MHZ Pentium II Processor
256 Megs Of Ram

Both Use The Command Line Version Of Seti@Home, And Complete A Unit In About 16-17 Hours.
nochay is offline   Reply With Quote
Reply

« Explorer problem | DFI AD77 INFINITY CROAKED? OR NOT? »


« Explorer problem | DFI AD77 INFINITY CROAKED? OR NOT? »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Most Active Discussions

Recent Discussions

All times are GMT -6. The time now is 01:29 AM.

Contact Us - ResellerRatings - Archive - Privacy Statement - Top