|
-
October 3rd, 2005, 01:36 AM
#11
i didn't think so either. that looked like the new opensuse site. but the other guy saud game, i assumed he know more, so i went along with it.
regardless, a game server or a linux distro main site,...
-
October 3rd, 2005, 04:53 AM
#12
|am3............. and where does this fall under the CIA? The n00b sections of integrity and availability. Let us know when you launch a nuke at IIU (Israeli Internet Underground). 
Until then they show up on the worldwide gaydar.
-
October 3rd, 2005, 06:18 AM
#13
to me, no different that PETA spray painting 60 year old women in fox fur or Greenpeace guys chasing whale hunters in rubber dingys. it's just a different medium and different organization.
It is completely different...
PETA = anti-mistreatment of animals = they punish people who support the mistreatment of animals = paint on fur
Greenpeace = environmentalist = preservation of endangered species = harassing whale hunters
This stuff isn't rocket science.
SuSE has nothing to do with the Iran's inability to have nuclear power.
What they should have done, (that I was going to go into detail about in the prior post, but people get pissy about such things) is deface the DOE or better yet initiate a cascade failure of the power grid (easier than you might think) as these actions would allow Iran to point out how careless the US is with its own power.
Or... if they really wanted to get their message out... they should have written a compelling article to Foreign Affairs about the injustices placed on them by the US... not only the sole nation to have deliberately killed people with nuclear devices, but a country to... at this very moment be using radiological weapons against a third world nation. The best part is, neither of these statements are disputed by the US government and they would not be harming anyone in doing so.
Or... if that failed, perhaps they should do some research and outline points of failure in the NRC in an article to The Bulletin of Atomic Scientists. These points should be responded to by the mechanisms Iran would use to prevent such failures.
Instead their actions are dismissed by anyone in power or academia as the inane, immature ramblings of a script kiddie. As they should be.
cheers,
catch
-
October 3rd, 2005, 04:46 PM
#14
Anyone aware of how the server was exploited? Going to make an assumption that the server had to be at least SuSE 9.3. Would be nice to make sure our installations are protected against this attack.
It had been mentioned in another thread here about vulnerabilities released this past friday, but they were all local or DoS related.
Lets hope SuSE has already provided patches and fou4s or YaST running with a cron has already taken care of it.
--------
Doing a little more reading shows this:
http://www.theregister.co.uk/2005/10...ensuse_hacked/
It doesn't really say what was exploited, but it does indicate it was ssh. Hopefully it was the older ssh vulnerability, if so, shame shame on SuSE.
There are two rules for success in life:
Rule 1: Don't tell people everything you know.
-
October 3rd, 2005, 05:35 PM
#15
It wasn't SUSE at all, it was a Netware box, and 9.3 wouldn't be on their production servers, they'd use Enterprise edition.
And as for how, well, I've talked with the SUSE security team already.
-
October 3rd, 2005, 05:48 PM
#16
Originally posted here by gore
It wasn't SUSE at all, it was a Netware box, and 9.3 wouldn't be on their production servers, they'd use Enterprise edition.
And as for how, well, I've talked with the SUSE security team already.
hmm... thats interesting. Netcraft must have it wrong then because they are reporting it was changed to a SUSE box on the 21st of September.
http://toolbar.netcraft.com/site_rep...//opensuse.org
Looks also like they hit up 2 other Novell sites.
Zoneh.org Link
From theregister.com (Link)
Of greater concern are reports that hackers compromised a gaming-related server maintained by Novell and used it to scan for other vulnerable machines. The hacked system - which ran a mail server for a gaming site called Neticus.com - has been scanning for vulnerable SSH systems since 21 September, Computerworld reports. The rogue behaviour was spotted by net security firm Brandon Internet Security which traced attacks against its clients' systems back to the compromised servers
So it seems they probably started hitting up the sites on the 21st, when they changed OS's on that OpenSuse site.
N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)
-
October 3rd, 2005, 05:59 PM
#17
Most of their servers running are Linux, however a few remain Netware as of yet.
-
October 3rd, 2005, 06:24 PM
#18
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
October 3rd, 2005, 07:23 PM
#19
I guess the "Open" in OpenSuse meant a little more than they really intended..... 
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
October 3rd, 2005, 10:40 PM
#20
Well aren't you a ****ing comedian. You don't show up for months then you come back to cracka one liner? I want my money back.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
