Ubuntu unplugs compromised servers
PrintFive out of eight systems riddled with bugs
Posted in Servers, 16th August 2007 11:07 GMT
Free whitepaper – Reliability analysis of the APC Symmetra MW Power System
Ubuntu had to shut down five of its eight production servers last week after realising the poorly maintained systems were compromised to such an extent they had become a source of attacks against other systems.
The servers were sponsored by Canonical but hosted by the community. The systems were running an old unsupported version of Ubuntu, a factor that goes some way to explaining why they were so insecure.
Problems included missing security patches, the use of FTP (rather than a secure protocol) to access the machines, and no recent upgrades due to problems with the network cards and later kernels. Kernel upgrades were omitted because of poor backwards compatibility with the hardware Canonical supplied.
It's unclear whether or not files hosted on the servers were altered by hackers. A post-mortem by Canonical found that hacking into the systems would have been easy for any moderately skilled hacker.
"An attacker could have gotten a shell through almost any of these sites," writes James Troup, leader of the Canonical sysadmin team.
Ubuntu community members have been given the choice of either migrating the servers to Canonical's data centre or to stay on hosted servers. More on the incident can be found in Ubuntu's newsletter here. ®
Free whitepaper – Fundamental Principles of Generators for Information Technology
Enabling the Agile Data Center
Straight Talk with Dell: Sending out an SaaS
New storage architectures make SSDs more cost-effective
Dell PowerEdge R710 solution vs. Dell PowerEdge 2850 solution
Analyst Keynote: The Register Agile Data Center Summit
Vint Cerf mods Android for interplanetary interwebs
Adaptec CEO on the ropes after dreadful results
Boffins working on biodegradable flexi LED implants
Nvidia taps Transmeta team for x86 chip, claims analyst