Sean Michael Kerner Blog
Red Hat Fedora servers compromised

From the "this isn't good news" files:
Servers for both Red Hat Enterprise Linux and Fedora Linux were compromised in recent weeks by some kind of illegal access. Neither project, however, is currently admitting that any of their software or users were in any way directly affected by the illegal access.

Fedora Project Leader Paul Frields wrote in a mailing list entry that:

> Last week we discovered that some Fedora servers were illegally accessed. The intrusion into the servers was quickly discovered, and the servers were taken offline.
>
> Security specialists and administrators have been working since then to analyze the intrusion and the extent of the compromise as well as reinstall Fedora systems.

On the Red Hat Enterprise side of things there is an OpenSSH update notification that contains (few) details about what happened.

> Last week Red Hat detected an intrusion on certain of its computer systems and took immediate action. While the investigation into the intrusion is on-going, our initial focus was to review and test the distribution channel we use with our customers, Red Hat Network (RHN) and its associated security measures. Based on these efforts, we remain highly confident that our systems and processes prevented the intrusion from compromising RHN or the content distributed via RHN and accordingly believe that customers who keep their systems updated using Red Hat Network are not at risk.

The fear in both cases is that an attacker could have somehow gained access and then created or compromised a security signing key used to distribute packages and updates. As far as I can tell based on the analysis provided by Red Hat, that's not the case, and Red Hat and Fedora are being responsible and prudent by locking down systems, analyzing everything and re-issuing keys.

3 Comments
But of course. Red Hat and Novell are starting to gear towards corporations. Any system geared toward making money will eventually be exploited. It all falls to the "honour among thieves" point of view. If most (cr/h)ackers use un*x or minux-based OSs, the odds are stacked that chances are that there will be no reason to target these systems. When these systems start to enter the main stream ala RHEL or SUSE, it becomes more profitable to target these systems with malware.
>> Any system geared toward making money will eventually be exploited. ...it becomes more profitable to target these systems with malware.
But I don't think this had anything to do with malware. Do you know of damage done? Do you have reason to believe the problem will not be resolved? Maybe a developer was being followed and during a break someone got access to the laptop or managed to get a password. There are systems in place to recover from damage of this nature. How trustworthy are humans anywhere?
Humans are the weakest link. Open source accepts this and works as if you can't keep secrets from anyone.
Red Hat does not rely on their code being secret. Microsoft does. This means human failures within Microsoft lead to more damage. Note which system is the one with a serious malware problem. Yet..
..Linux is installed in many places where security is important. In fact, when security is a real concern, Linux/UNIX is more likely to be deployed than Windows. Thus, Linux has been a greater target for a while, yet malware is virtually nonexistent.
Regardless of how much money Red Hat makes, there is a lot of money behind Linux installations and that is what counts.
Some vendors have a hard time accepting that open source results in superior security per invested dollar. Naturally, their income streams are on the line.
Microsoft has real problems. They have closed source code that is protected exclusively through secrecy. Every time a human lapse occurs with Microsoft employees knowing these secrets, the worms and viruses come out to play. There are persistent holes -- "fixes" frequently just move the holes around enough to undermine the particular malware causing the most trouble, leaving the door open for future malware. Band-aids tend to work short-term quickly and save money and time of heavy redesign. Why spend money to fix the problem when you can hide the problem? Monopolies simply are bloated in almost every way. It's human nature not to work very hard when the harvest is abundant year-round.
Linux is open to the public 24x7x365 so most holes get closed and cleaned up (redesigned) by necessity and ahead of exploits. You also have people whose personal reputations are on the line (their actual names attached to the source code are public and follow them even as they move from company to company). Patching after a problem is usually very fast since so many have knowledge of the source code.
I should clarify that these are my opinions. Feel free to argue differently. I think the data and realistic assumptions support the above to a large extent.
Jose_X..."Red Hat and Novell are starting to gear towards corporations"? Your use of the word "starting" seems inappropriate, as both companies have years of corporate experience.
This "revelation" is not at all surprising. This just goes to (again) illustrate the truth of networking, which is the only truly secure computer/system is one that's not plugged into a source of electricity...but then that defeats the purpose of having a system at all.
The fact is, this is a rare intrusion and the effects appear to be minimal. If intrusions never happened, there would be no need for firewalls, honey-pots, DMZs, or various other intrusion prevention/detection systems.
Good for Red Hat that they've told the world this has happened. It illustrates that just because someone or a corporation is running Linux, they still need to maintain vigilance on their systems. As long as an organization is successful, there are always people attempting to bring them down, whether that be competition or people with some grudge (and there are ALWAYS people with a grudge).