Feeds

Hackers scalp Apache

SSH hits the fan

Intelligent flash storage arrays

The website of Apache was taken offline for several hours on Friday after the SSH remote administration key on one of its servers was compromised.

SSH is a widely used technology for remote administration, so in the worst scenario the compromise created a means for hackers to upload Trojanised code onto the download section of Apache's website. Around 50 per cent of webservers run Apache, according to the latest stats from Netcraft, so any problem would be extremely widely felt.

It's unclear at present whether any code on the Apache website was actually modified. Nor do we know how the attack was carried out or who was behind it.

Apache's web site was restored after DNS records were changed so that servers based in Europe rather than at the main US site were carrying the load.

Rik Ferguson, a security researcher at Trend Micro, notes that the same type of compromised SSH key problem led to attacks that attempted to install rootkits on Linux based systems in August 2008.

Screenshots of Apache's statement on the incident, since removed, have been preserved for posterity in a blog posting by Trend Micro here and F-Secure here. ®

Bootnote

Reg reader Jack C told us on Thursday that http://httpd.apache.org/ was giving a directory listing where the index page should be. We saw this but didn't think much of it at the time. Friday's SSH glitch potentially casts this incident in a new light.

Internet Security Threat Report 2014

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.