PenTester Posted September 12, 2011 Posted September 12, 2011 Shocking News for those who think Linux is secure. Yes, the websites belonging to Linux Foundation are under attack of Hackers. Hackers breached Linux.com, linuxfoundation.org and www.kernel.org yesterday. The sites have been taken down with a notice put up stating that the sites are down for maintenance due to a security breach. Websites are still in maintenance. For FUll news: Security news Quote
Piotr GRD Posted September 12, 2011 Posted September 12, 2011 Quote: ... Hackers breached Linux.com, linuxfoundation.org and www.kernel.org yesterday. ... Yesterday?... I though that they discovered that kernel.org was compromised on August 28th 2011 already, so more than 2 weeks ago, but no news about when exactly it was hacked, possibly days or even weeks before. Quote
PenTester Posted September 12, 2011 Author Posted September 12, 2011 Yes you are right, they discovered the security breach on kernel.org on august itself.(you can get more details about the august breach here ). Now this september linux.com,kernel.org and linuxfoundation.org are breached. Quote
Guest xaav Posted September 13, 2011 Posted September 13, 2011 BSD is more secure than linux is. Quote
jje Posted September 13, 2011 Posted September 13, 2011 So that's why I tried to access Kernel.org but it said it was down for mainteance.... Quote
PenTester Posted September 13, 2011 Author Posted September 13, 2011 Nothing is 100% secure in this world! There is always exception in our life. Quote
jje Posted September 16, 2011 Posted September 16, 2011 Yeah, true. EDIT: Kernel.ORG is still down right now! Quote
Guest xaav Posted September 17, 2011 Posted September 17, 2011 Obviously, it was a pretty serious breach. Quote
PenTester Posted September 17, 2011 Author Posted September 17, 2011 Fortunately, the password are stored as HashCodes. if it is plain text, the user will be at risk. I hope heliohost also store our password as HashCodes. Quote
i7Grendel Posted September 17, 2011 Posted September 17, 2011 I assume all premade software (Joomla, IP Boards, cPanel) is build decent enough that they store their passwords as hashes, so don't worry. Quote
Guest xaav Posted September 17, 2011 Posted September 17, 2011 I hope heliohost also store our password as HashCodes. Actually, we used to store them in plaintext, but now we store them as an md5. Quote
PenTester Posted September 18, 2011 Author Posted September 18, 2011 Good to hear. To users: Use the strong password(with special char,numbers,case combination) and no english words Quote
vol7ron Posted November 4, 2011 Posted November 4, 2011 I hope heliohost also store our password as HashCodes. Same, but I can't remember the last time I heard of anyone storing passwords as plain text after the 90s. Actually, we used to store them in plaintext, but now we store them as an md5. You shouldn't broadcast what hashing algorithm you use And md5 isn't so secure anymore. Quote
Krydos Posted November 4, 2011 Posted November 4, 2011 It's not straight md5 though. It has the secret djbob salt sprinkled and whatnot. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.