[Tfug] Keep the Faith, yo

Anthony Steckman humbl at elitemail.org
Fri Dec 5 14:36:25 MST 2003



/. discussion (see previous threads on this for a link) offers a wide 
range of speculation as to the source and purpose of the attacks. One 
poster notes the recent attempt on kernel.org and suggests someone is 
going after Linux (or Open Source) in a more general way (in an attempt 
to embarrass or discredit the movement). Someone else goes out on a limb 
and suggests it's maybe being funded by Microsoft or SCO.

Other articles and announcements debate the skill level of the cracker, 
pointing out what appears to be a major inconsistency: the culprit was 
apparently good enough to exploit a previously unknown flaw in the 
kernel but then attempted to further his cause by installing a "rootkit" 
package more popular among script kiddies than hardened crackers.

Interesting stuff for sure but it doesn't effect my opinion of Debian 
one way or another. I'm certainly not afraid to begin updating my system 
or downloading new packages again.


keith smith wrote:
> Makes me wonder how safe the packages are.  -- I suspect most hackers (backhat?) are Linux types.....  Why mess up your own backyard?
>  
> Keith
> 
> Casey Townsend <CTownse1 at ci.tucson.az.us> wrote:
> Debian was on the ball enough to quickly catch the compromise and appropriately deal with it. I wonder about what we haven't heard about. Was Debian the first (and only) target of this *Linux* exploit?
> 
> 
>>>>keith smith 12/05/03 09:38AM >>>
> 
> I wonder how this will affect Debian's following?
> 
> Keith
> 
> Paul Scott wrote:
> keith smith wrote:
> 
>>Hi All,
>>
>>When I access http://www.debian.org/distrib/packages it is in german.
>>Sent and received the following.
> 
> 
> Actually I get some Scandinavian language. The main point is that the 
> package pages are still down because of the Nov. 21 compromise of the 
> Debian servers. Even if you click on the 'english' link you still can't 
> get to the actual package pages. You can however still download Debian 
> packages.
> 
> Paul Scott
> 



More information about the tfug mailing list