i didn't think so either. that looked like the new opensuse site. but the other guy saud game, i assumed he know more, so i went along with it.
regardless, a game server or a linux distro main site,...
Printable View
i didn't think so either. that looked like the new opensuse site. but the other guy saud game, i assumed he know more, so i went along with it.
regardless, a game server or a linux distro main site,...
|am3............. and where does this fall under the CIA? The n00b sections of integrity and availability. Let us know when you launch a nuke at IIU (Israeli Internet Underground). :rolleyes:
Until then they show up on the worldwide gaydar.
It is completely different...Quote:
to me, no different that PETA spray painting 60 year old women in fox fur or Greenpeace guys chasing whale hunters in rubber dingys. it's just a different medium and different organization.
PETA = anti-mistreatment of animals = they punish people who support the mistreatment of animals = paint on fur
Greenpeace = environmentalist = preservation of endangered species = harassing whale hunters
This stuff isn't rocket science.
SuSE has nothing to do with the Iran's inability to have nuclear power.
What they should have done, (that I was going to go into detail about in the prior post, but people get pissy about such things) is deface the DOE or better yet initiate a cascade failure of the power grid (easier than you might think) as these actions would allow Iran to point out how careless the US is with its own power.
Or... if they really wanted to get their message out... they should have written a compelling article to Foreign Affairs about the injustices placed on them by the US... not only the sole nation to have deliberately killed people with nuclear devices, but a country to... at this very moment be using radiological weapons against a third world nation. The best part is, neither of these statements are disputed by the US government and they would not be harming anyone in doing so.
Or... if that failed, perhaps they should do some research and outline points of failure in the NRC in an article to The Bulletin of Atomic Scientists. These points should be responded to by the mechanisms Iran would use to prevent such failures.
Instead their actions are dismissed by anyone in power or academia as the inane, immature ramblings of a script kiddie. As they should be.
cheers,
catch
Anyone aware of how the server was exploited? Going to make an assumption that the server had to be at least SuSE 9.3. Would be nice to make sure our installations are protected against this attack.
It had been mentioned in another thread here about vulnerabilities released this past friday, but they were all local or DoS related.
Lets hope SuSE has already provided patches and fou4s or YaST running with a cron has already taken care of it.
--------
Doing a little more reading shows this:
http://www.theregister.co.uk/2005/10...ensuse_hacked/
It doesn't really say what was exploited, but it does indicate it was ssh. Hopefully it was the older ssh vulnerability, if so, shame shame on SuSE.
It wasn't SUSE at all, it was a Netware box, and 9.3 wouldn't be on their production servers, they'd use Enterprise edition.
And as for how, well, I've talked with the SUSE security team already.
hmm... thats interesting. Netcraft must have it wrong then because they are reporting it was changed to a SUSE box on the 21st of September.Quote:
Originally posted here by gore
It wasn't SUSE at all, it was a Netware box, and 9.3 wouldn't be on their production servers, they'd use Enterprise edition.
And as for how, well, I've talked with the SUSE security team already.
http://toolbar.netcraft.com/site_rep...//opensuse.org
Looks also like they hit up 2 other Novell sites.
Zoneh.org Link
From theregister.com (Link)
So it seems they probably started hitting up the sites on the 21st, when they changed OS's on that OpenSuse site.Quote:
Of greater concern are reports that hackers compromised a gaming-related server maintained by Novell and used it to scan for other vulnerable machines. The hacked system - which ran a mail server for a gaming site called Neticus.com - has been scanning for vulnerable SSH systems since 21 September, Computerworld reports. The rogue behaviour was spotted by net security firm Brandon Internet Security which traced attacks against its clients' systems back to the compromised servers
Most of their servers running are Linux, however a few remain Netware as of yet.
http://www.securityfocus.com/news/11334
http://www.theregister.co.uk/2005/10...ensuse_hacked/
http://www.computerworld.com/securit...ml?source=x583
EDIT: Looks like they have been pretty active at zone-h:
http://www.zone-h.org/en/defacements...KERS+SABOTAGE/
Mirror for one of them: http://www.zone-h.org/en/defacements/mirror/id=2917409/
I guess the "Open" in OpenSuse meant a little more than they really intended..... :D
Well aren't you a ****ing comedian. You don't show up for months then you come back to cracka one liner? I want my money back.