Network World

GNU server attack raises Linux code concerns

By Paul Roberts, IDG News Service, 08/14/2003

The Free Software Foundation, sponsors of the GNU free software project, said Wednesday that a key server housing the group's Linux software was broken into by a malicious hacker.

The software, which the Free Software Foundation refers to as GNU/Linux, is a variant of Linux that is available free on the Internet.

The intrusion, which took place in March, compromised an FTP server that housed software making up the core of the FSF's GNU/Linux operating system, according to Bradley Kuhn, executive director of the Free Software Foundation (FSF) in Boston.

Those files included the GNU C language library and compiler, as well as other software utilities, Kuhn said.

The intruder compromised the FSF server using a now-patched vulnerability in a Linux component called PTRACE.

That vulnerability, which could enable attackers to remotely compromise and take control of affected Linux systems, was disclosed in March. No patch for the vulnerability was available when the FSF server was compromised, Kuhn said.

After gaining control of the FSF server, the malicious hacker took steps to disguise the compromise, installed a trojan horse program giving him or her access to the machine and harvested passwords from user accounts on the server, Kuhn said.

The affected accounts belonged to so-called "maintainers," FSF volunteers who are charged with maintaining various components of the GNU software, he said.

Those people have been notified about the compromise, he said.

After learning of the compromise in late July, FSF staff took the server off-line and replaced it with a secure server. The organization also removed all GNU software from the compromised system.

Since it discovered the problem, the FSF has been methodically reviewing the integrity of thousands of files exposed by the break-in and returning them to their FTP server, Kuhn said.

FSF volunteers have checked the versions of the software from the compromised server against originals in the possession of the maintainers, as well as against copies from backups made before the compromise, he said. As of Thursday, 80% or 90% of the original files have been verified and reposted to the server.

The FSF feels confident that the malicious hacker was interested in obtaining passwords, not tampering with the GNU software, Kuhn said.
