http://it.mycareer.com.au/breaking/2001/05/31/FFXQ0QREDNC.html

Thursday 31 May, 2001
By BARRY PARK
FAIRFAX IT

Open source software portal Sourceforge has published details of the server compromise that forced the group to reset all its users' passwords.

The postmortem follows news today that another open source portal, themes.org, had also been struck down by crackers. Late today the group's website was defaced by crackers before being replaced with a message that the website was experiencing "fairly major technical difficulties". The website has since been stripped from the server and replaced with a "page not found" error message.

Open source news portal Slashdot was also reporting today that the website for the Apache Web server software had been compromised.

Sourceforge said today that crackers broke into its servers after a Sourceforge worker's password was sniffed from a cracked third-party Internet service provider.

Sourceforge said, without revealing the exact details, that the attack affected one of its project shell servers.

"It has been determined that this security compromise (of one SourceForge.net project shell server) was not caused by fault in the shell server itself; no exploits were used to penetrate the security on this host," the group said in a statement posted on its website today.

"Rather, security was compromised as result of a related breach on a host of an upstream ISP for one SourceForge.net staff member. In this case, the user had logged in to the compromised ISP's host, then to the SourceForge.net project shell server; as result of the compromised nature of the ISP's host, it was possible for the intruder to capture the password the SourceForge.net staff member used in accessing that shell server.

"The SourceForge.net team has since established more rigorous guidelines for host connectivity, so as to reduce the risk involved with this type of security compromise," it said.