Ubuntu unplugs compromised servers
Print storyFive out of eight systems riddled with bugs
Posted in Servers, 16th August 2007 11:07 GMT
Free whitepaper – Cooling strategies for ultra-high density racks and blade servers
Ubuntu had to shut down five of its eight production servers last week after realising the poorly maintained systems were compromised to such an extent they had become a source of attacks against other systems.
The servers were sponsored by Canonical but hosted by the community. The systems were running an old unsupported version of Ubuntu, a factor that goes some way to explaining why they were so insecure.
Problems included missing security patches, the use of FTP (rather than a secure protocol) to access the machines, and no recent upgrades due to problems with the network cards and later kernels. Kernel upgrades were omitted because of poor backwards compatibility with the hardware Canonical supplied.
It's unclear whether or not files hosted on the servers were altered by hackers. A post-mortem by Canonical found that hacking into the systems would have been easy for any moderately skilled hacker.
"An attacker could have gotten a shell through almost any of these sites," writes James Troup, leader of the Canonical sysadmin team.
Ubuntu community members have been given the choice of either migrating the servers to Canonical's data centre or to stay on hosted servers. More on the incident can be found in Ubuntu's newsletter here. ®
Free whitepaper – Data center projects: standardized process
Modular Services - Can Dell Deliver?
The future of SaaS and IT infrastructure management
Should your email live in the cloud: a comparative cost analysis
Hosted security IT manager's guide
Jump start your Application Security initiatives
Micron move heralds Intel 320GB SSD
Steve Jobs finds part-time work
Seagate shines under Luczo's law
HP whips out blades for future