Debian Hacked!!

[JGuru]

Yesterday the Debian project announced that one of it's servers was compromised,
and the project had taken the server down, pending an investigation.
So Ubuntu users ( Debian-based) be awake!!
I checked the www.debian.org URL, oops their Server was down!!
Read more about it here:
http://blog.eweek.com/blogs/eweek_la.../13/11428.aspx

[aku]

hmm.. jus chkd rit nw.. its up nd running again!

[gary4gar]

up again in flash of 1hr

[JGuru]

@Gary, An well known hacker had hacked into Server of Pentagon (running Unix),
Sun's Server (Solaris, also UNIX based) network, and now he is wanted by the FBI.
I think he is a British citizen. Any O.S can be hacked , given the person's expertise
on that O.S. We hear more about Windows vulnerabilities, because most of the
users worldwide use Windows!! So the hackers can target millions of Windows users.
Who knows in another 5 years, Linux may be at the same receiving end!!

[it_waaznt_me]

Linux's architecture is fundamentally different from Windows where any script can run with admin privilages .. That is why you dont see many Linux or *nix worms / virus.
And being in public domain, bugs are found more fastly and they are patched soon.

[JGuru]

Yes, that is a good point @it_waaznt_me. How about hackers using scripts that are
executables and steal the password (Key logger) & and use 'sudo' priviledge to do
more damage!! The possibilities are there like a Pandora's box!!

Quote:

Originally Posted by it_waaznt_me

Linux's architecture is fundamentally different from Windows where any script can run with admin privilages .. That is why you dont see many Linux or *nix worms / virus.
And being in public domain, bugs are found more fastly and they are patched soon.

That will change soon. Right now only windows is the target. Linux will get it chance.

[it_waaznt_me]

Nah .. You didnt get the point .. In *nix, it is not possible for you to hack any daemon (service) .. like say print daemon and use it to shut down the system or delete any files because all the daemons run with limited privilages .. And this is just a glimpse of Unix's file permission system ..

[mehulved]

And without adequate permission it isn't all that possible to execute malware. That is why people stress not to use root account. So, even if malware is executed, it can only harm users directories and not the whole system unless it can get root access.

[mediator]

War of the mods!!
@JGuru, bro whats the sudo exploit?? There was a thread here for that i think, i tried whatever users posted there but cudnt get my system exploited! Please tell me the one that works on ur system!!
Neways I think any system on the NET is HACKABLE. So its not surprising that debian's hacked! Its the duty of the admin of that system to make it secure and patch it regularly,properly.
It seems the admin at that time of debian must be a snob,careless to ignore the system logs and entries of the person who hacked!!

[chesss]

it_wasnt_me is right, once you start getting into unix you see exactly why linux is far far superior to windows when it comes to security.
again sudo and the exitense of a shell play a major role in this.
If you have doubts note that vista will include sudo like technology, and will be shell based (most probably) .

Heres a great lil anti-rootkit tutorial that shows why linux is so great: http://www.thruthewire.net/Security/...0Beginners.pdf

[tehnogeek]

Quote:

Originally Posted by JGuru

@Gary, An well known hacker had hacked into Server of Pentagon (running Unix),
Sun's Server (Solaris, also UNIX based) network, and now he is wanted by the FBI.
I think he is a British citizen. Any O.S can be hacked , given the person's expertise
on that O.S. We hear more about Windows vulnerabilities, because most of the
users worldwide use Windows!! So the hackers can target millions of Windows users.
Who knows in another 5 years, Linux may be at the same receiving end!!

i think its a very good point that u have made . so it will be better to accept that none of the os's are 100% hack proof, what matters is which is less prone to hacks. But i think LINUX being open source will be more vunerable to hacks 5 yrs from now...

[mehulved]

Quote:

Originally Posted by tehnogeek

But i think LINUX being open source will be more vunerable to hacks 5 yrs from now...

lol that's classis example of ignorance on how Open Source model works.
In fact vulnerability can get fixed faster in open source model leaving lesser chance for miscreants. On the other hand in closed source model, even if the explooit is detected, unless the company patches it up, no one except the discoverer has any idea of the exploit.
Even after making the exploit public, it will take a long time for a company to patch it up as compared to an open source project. A classic example is Firefox. See how long does it take to patch up a vulnerability discovered in firefox and now compare it with time taken for patching up IE.

[mediator]

Agree with @tech_ur_future!

[JGuru]

You are right @Tech_your_future. Windows follows a closed-door policy. So only
MS can fix the bugs & other vulnerabilities. Windows O.S is insecure, that any
hacker can attach a worm or a Trojan or Virus to any System file!! It's not the
case with Linux. Vista will come with 'limited account' policy as default to reduce
exploits!! Let's see how far MS succeeds.