|
-
August 28th, 2009, 05:49 PM
#1
Sigh: Apache.org hacked.
apache.org was down this morning and reports are that one of their servers has been compromised due to an SSH key being exposed. The SSH key was used by an account to perform backups. No vulnerabilities in apache or ssh software was used in this attack. When the incident was identified apache cut access to all of their services as a containment measure. Their web sites are now back online.
http://blogs.apache.org/infra/entry/...initial_report
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD* 
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
August 28th, 2009, 11:07 PM
#2
The attackers created several files in the directory containing files for www.apache.org, including several CGI scripts. These files were then rsynced to our production webservers by automated processes. At about 07:00 on August 28 2009 the attackers accessed these CGI scripts over HTTP, which spawned processes on our production web services.
Looks like it was fault of the company responsible for maintaining backups...
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
Similar Threads
-
By Spyder32 in forum *nix Security Discussions
Replies: 25
Last Post: August 1st, 2004, 05:20 AM
-
By FishTaco in forum Newbie Security Questions
Replies: 25
Last Post: March 7th, 2004, 07:14 PM
-
By Grinler in forum The Security Tutorials Forum
Replies: 13
Last Post: August 9th, 2003, 02:49 AM
-
By tonybradley in forum The Security Tutorials Forum
Replies: 4
Last Post: June 18th, 2003, 03:54 PM
-
By phishphreek in forum Web Security
Replies: 10
Last Post: May 3rd, 2003, 06:29 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote