Feeds

Ubuntu unplugs compromised servers

Five out of eight systems riddled with bugs

Next gen security for virtualised datacentres

Ubuntu had to shut down five of its eight production servers last week after realising the poorly maintained systems were compromised to such an extent they had become a source of attacks against other systems.

The servers were sponsored by Canonical but hosted by the community. The systems were running an old unsupported version of Ubuntu, a factor that goes some way to explaining why they were so insecure.

Problems included missing security patches, the use of FTP (rather than a secure protocol) to access the machines, and no recent upgrades due to problems with the network cards and later kernels. Kernel upgrades were omitted because of poor backwards compatibility with the hardware Canonical supplied.

It's unclear whether or not files hosted on the servers were altered by hackers. A post-mortem by Canonical found that hacking into the systems would have been easy for any moderately skilled hacker.

"An attacker could have gotten a shell through almost any of these sites," writes James Troup, leader of the Canonical sysadmin team.

Ubuntu community members have been given the choice of either migrating the servers to Canonical's data centre or to stay on hosted servers. More on the incident can be found in Ubuntu's newsletter here. ®

5 things you didn’t know about cloud backup

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Docker kicks KVM's butt in IBM tests
Big Blue finds containers are speedy, but may not have much room to improve
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Gartner's Special Report: Should you believe the hype?
Enough hot air to carry a balloon to the Moon
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Dell The Man shrieks: 'We've got a Bitcoin order, we've got a Bitcoin order'
$50k of PowerEdge servers? That'll be 85 coins in digi-dosh
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.