Attack on Linux reported (again)

Message

dogle · #1 Post by **dogle** » Thu 01 Sep 2011, 09:42

http://www.theregister.co.uk/2011/08/31 ... ty_breach/

The shape of things to come?
(edit - see new post September 12)

Dougal · #2 Post by **Dougal** » Thu 01 Sep 2011, 19:04

What Jon Corbet has to say is likely more intelligent than what El Reg report...

Bruce B · #3 Post by **Bruce B** » Thu 01 Sep 2011, 19:18

dogle wrote:http://www.theregister.co.uk/2011/08/31 ... ty_breach/

The shape of things to come?

The way I read it was it was not an attack on a Linux vulnerability, rather other vulnerabilities not associated with Linux itself.

~

nooby · #4 Post by **nooby** » Thu 01 Sep 2011, 19:24

Would puppy then be as safe as Slitaz or TinyCore or some other non-root? oops I do run Slitaz as root so that does not help me then?

But TCL I run as user. Am I more safe on TCL then? I mean in relation to what them write about there?

Puppy has built in servers? but as long as one don't call them up them don't run in the background or do they?

d4p · #5 Post by **d4p** » Fri 02 Sep 2011, 01:14

ZDNet Australia, 2004
http://www.zdnet.com.au/linux-hacked-mo ... 116229.htm

nooby · #6 Post by **nooby** » Fri 02 Sep 2011, 08:07

d4p that one from 2004 was also about Servers.
Does the average user of puppy have the server activated at boot? Or does one have to start a special program?

What is the name of the server can one stop it from going on?

WillM · #7 Post by **WillM** » Fri 02 Sep 2011, 22:09

Hi nooby,

The name of the web server on Puppy Linux is called hiawatha. It must be started manually, so that should not be running.

nooby · #8 Post by **nooby** » Sat 03 Sep 2011, 08:57

Thanks, now when you give me the name I do remember I have seen it many times in the forum but have never read about it due to me not into server and barely get what it is. sure one can place files on such and then others can ftp to and fro. but that is all I know.

Ooops Edit. All of you know that there is a "Server" built into Opera!!!

So how safe is that one then. Is that one on all the time maybe? I use Firefox. Does that one maybe act as a server too? Flash addon maybe does

What I don't like about AV is that the free ones seldom are so good that them can tell that one are under attack only much later can find that a signature is a known such one but then that one have been there for days doing damage.

What we would need is software that "sense" something bad is going on and it shut it out and told us instantly. An intelligent watcher over what come in and goes out.

Dougal · #9 Post by **Dougal** » Sat 03 Sep 2011, 18:51

nooby wrote:d4p that one from 2004 was also about Servers.

That's also the time when MS were spending a lot of money to get people to publish lies about Linux... they even had a website "proving" that Windows Server is better than Linux.

Nearly everything published on internet "news" sites should not be taken seriously... not only is it badly written (and by ignorant people), but also tends to be propaganda for some corporation or other (see, for example, how since Condé Nast acquired Ars Technica, Ars has become strangely pro-Apple and anti-Google/Android slanted...).

nooby · #10 Post by **nooby** » Sat 03 Sep 2011, 19:00

okay, we are all a bit biased maybe

At least I am a Frugal Install NTFS Fan

dogle · #11 Post by **dogle** » Mon 12 Sep 2011, 16:37

ooops! ......

Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011.

http://www.Linux.com

nooby · #12 Post by **nooby** » Mon 12 Sep 2011, 18:28

that is four days ago. Seems severe thing or is it normal that one ahve problem for four days?

Dave_G · #13 Post by **Dave_G** » Mon 12 Sep 2011, 18:34

Yup, still down so it must be serious.

robotgirl · #14 Post by **robotgirl** » Mon 12 Sep 2011, 19:26

they probably just don't want to go back up until they know the root (no pun intended) of the problem, it's not really that uncommon for a site to stay down for a few days after an attack like this. This is a security breach, not a simple DDOS attack or something.

Dougal · #15 Post by **Dougal** » Wed 14 Sep 2011, 12:32

dogle wrote:ooops! ......
Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011.

From what I understand, H. Peter Anvin (x86 subsystem maintainer, Syslinux developer etc.) had a trojan on his computer... so getting into kernel.org would have been easy and from there probably also linux.com.

nooby · #16 Post by **nooby** » Wed 14 Sep 2011, 13:15

Obviously it does happen even to those that have knowledge.
So much easier it must be to invade people who don't know at all?

We need people who cares about our need for protection.

(old)Puppy Linux Discussion Forum

(old)Puppy Linux Discussion Forum

Attack on Linux reported (again)

Attack on Linux reported (again)

Re: Attack on Linux reported