PenTester Posted September 12, 2011 Posted September 12, 2011 Shocking News for those who think Linux is secure. Yes, the websites belonging to Linux Foundation are under attack of Hackers. Hackers breached Linux.com, linuxfoundation.org and www.kernel.org yesterday. The sites have been taken down with a notice put up stating that the sites are down for maintenance due to a security breach. Websites are still in maintenance. For FUll news: Security news
Piotr GRD Posted September 12, 2011 Posted September 12, 2011 Quote: ... Hackers breached Linux.com, linuxfoundation.org and www.kernel.org yesterday. ... Yesterday?... I though that they discovered that kernel.org was compromised on August 28th 2011 already, so more than 2 weeks ago, but no news about when exactly it was hacked, possibly days or even weeks before.
PenTester Posted September 12, 2011 Author Posted September 12, 2011 Yes you are right, they discovered the security breach on kernel.org on august itself.(you can get more details about the august breach here ). Now this september linux.com,kernel.org and linuxfoundation.org are breached.
jje Posted September 13, 2011 Posted September 13, 2011 So that's why I tried to access Kernel.org but it said it was down for mainteance....
PenTester Posted September 13, 2011 Author Posted September 13, 2011 Nothing is 100% secure in this world! There is always exception in our life.
jje Posted September 16, 2011 Posted September 16, 2011 Yeah, true. EDIT: Kernel.ORG is still down right now!
Guest xaav Posted September 17, 2011 Posted September 17, 2011 Obviously, it was a pretty serious breach.
PenTester Posted September 17, 2011 Author Posted September 17, 2011 Fortunately, the password are stored as HashCodes. if it is plain text, the user will be at risk. I hope heliohost also store our password as HashCodes.
i7Grendel Posted September 17, 2011 Posted September 17, 2011 I assume all premade software (Joomla, IP Boards, cPanel) is build decent enough that they store their passwords as hashes, so don't worry.
Guest xaav Posted September 17, 2011 Posted September 17, 2011 I hope heliohost also store our password as HashCodes. Actually, we used to store them in plaintext, but now we store them as an md5.
PenTester Posted September 18, 2011 Author Posted September 18, 2011 Good to hear. To users: Use the strong password(with special char,numbers,case combination) and no english words
vol7ron Posted November 4, 2011 Posted November 4, 2011 I hope heliohost also store our password as HashCodes. Same, but I can't remember the last time I heard of anyone storing passwords as plain text after the 90s. Actually, we used to store them in plaintext, but now we store them as an md5. You shouldn't broadcast what hashing algorithm you use And md5 isn't so secure anymore.
Krydos Posted November 4, 2011 Posted November 4, 2011 It's not straight md5 though. It has the secret djbob salt sprinkled and whatnot.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now