Unix fiends attack universities
PrintHave Solaris or Linux - will hack
Posted in Enterprise Security, 14th April 2004 02:17 GMT
Free whitepaper – Dell PowerEdge server benchmarks
A number of research institutions and high performance computing hubs have come under attack with software miscreants performing "sophisticated" attacks on Solaris and Linux boxes.
Stanford University last week issued a notice about the assaults, posting a rich explanation of how the coders have cracked the Unix systems.
"An unknown attacker (or group) has compromised numerous multi-user Solaris and Linux computers on Stanford's campus using a variety of mechanisms," the notice said. "In most cases, the attacker gets access to a machine by cracking or sniffing passwords. Local user accounts are escalated to root privileges by triggering a variety of local exploits, including the do_brk() and mremap() exploits on Linux and the sadmind, arbitrary kernel loading modules and passwd vulnerabilities on Solaris."
Surprisingly, a Slashdot discussion about the attacks steered clear of Microsoft conspiracy theories. A plot to damage the good names of Solaris and Linux is not to blame for the attacks but rather poor patching policies. Fixes to block the attacks have been available for some time.
Stanford has urged admins to bring their systems up to date. ®
Related stories
Auditing the mind of a hacker
Stopping the enemy at the gate
The perils of Googling
Homeland insecurity starts at home
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive