Chat

**ChatsUSA** · 08-17-2007, 05:51 PM

Canonical, the commercial sponsor of Ubuntu Linux, has reported that five of its eight sponsored Local Community (LoCo) hosting servers, which are used by local-area Ubuntu developer communities but hosted outside the company, were compromised this week. The problem first came to light on Monday evening, when Canonical received reports that one of the LoCo servers had been compromised, and an investigation found four more of the servers had been hacked.

The systems were being accessed using FTP without SSL and were running more than a dozen outdated web software packages on a version of Ubuntu Linux that is no longer receiving security updates from Canonical. "Since it was reported that they were actively attacking other machines... the decision was taken to shut the machines down," said James Troup, head of Canonical's system administration team. Troup blamed the latter on recent versions of the OS not working with the servers' network hardware. The communities affected will have to choose between moving their servers into the Canonical data center, where they'll be kept up-to-date but will have stricter limits on how they're used, or sticking with outsourced servers but taking on the full responsibility for administration.

News source: PC World

Read full story...

More...

08-17-2007, 05:51 PM	#1 (permalink)

ChatsUSA Management Posts: 11,508 Join Date: Feb 2005 Age: 4	Ubuntu Hacks Downplayed, out-of-date software to blame Canonical, the commercial sponsor of Ubuntu Linux, has reported that five of its eight sponsored Local Community (LoCo) hosting servers, which are used by local-area Ubuntu developer communities but hosted outside the company, were compromised this week. The problem first came to light on Monday evening, when Canonical received reports that one of the LoCo servers had been compromised, and an investigation found four more of the servers had been hacked. The systems were being accessed using FTP without SSL and were running more than a dozen outdated web software packages on a version of Ubuntu Linux that is no longer receiving security updates from Canonical. "Since it was reported that they were actively attacking other machines... the decision was taken to shut the machines down," said James Troup, head of Canonical's system administration team. Troup blamed the latter on recent versions of the OS not working with the servers' network hardware. The communities affected will have to choose between moving their servers into the Canonical data center, where they'll be kept up-to-date but will have stricter limits on how they're used, or sticking with outsourced servers but taking on the full responsibility for administration. News source: PC World Read full story... More...

Chat

Arcade

Blogs

Albums

Support