Kernel.org hacked & rooted - 09-01-2011
by Intizone - Intizone - Tech Savvy's Choice, Tech Blog on Latest News, hosting, reviews, howto, freebies -
http://intizone.net



Kernel.org hacked & rooted
by Intizone - Thursday, September 01, 2011

http://intizone.net/2011/09/01/kernel-org-hacked-rooted/

Kernel.org - The Core of Linux




Kernel.org introduction
Kernel.org serves the Linux kernel, the core of Linux that runs all of a machine's hardware and software.
Without the kernel, a computer simply cannot boot up, as it cannot communicate with the hardware.

Summary
Kernel.org's server was hacked and rooted, and measures have been taken to solve the issue with the help
of the authorities.

Attack initiation date: 12th August 2011

Attack discovery date: 28th August 2011

Measures Taken to solve the problem:

  1. Full reinstallation of server.
  2. Notify authorities to investigate the attack.
  3. Checking on the files in git.

Kernel.org Hacked & Rooted Full Story
The discovery of the hack and root of kernel.org





Well, the story first started on 12th August. Server Hera was hacked and rooted. The server may have been
exploited because a user's information was compromised. SSH passwords were changed and a
rootkit called Phalanx was injected into the system. Users' actions were logged and exploit code was
run.

The discovery of the trojan and rootkit

The trojan was discovered because of an Xnest /dev/mem error message on a system without Xnest installed.
However, it is unknown whether systems showing this error message are vulnerable or not. This discovery
was made on 28th August.
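
One way to triage the indicator described above across collected logs, as an added example that is not from the original post: it finds lines naming both Xnest and /dev/mem and flags hosts where Xnest is not installed. The log lines, host names and the loose keyword match are constructed assumptions; the real message text is not given on the page.

```python
import re
import shutil
from collections import defaultdict

# Constructed syslog-style lines for illustration only.
SAMPLE_LOG = """\
Aug 27 03:12:44 hostA kernel: Xnest[4121]: /dev/mem: mmap failed
Aug 27 03:12:45 hostA sshd[812]: Accepted publickey for alice from 192.0.2.10
Aug 28 09:01:02 hostB kernel: Xnest[977]: /dev/mem: Operation not permitted
Aug 28 09:05:00 hostC cron[100]: (root) CMD (run-parts /etc/cron.hourly)
"""

# "<Mon> <day> <hh:mm:ss> <host> <message>"
LINE_RE = re.compile(r"^(\w{3}\s+\d+\s[\d:]{8})\s(\S+)\s(.*)$")


def find_xnest_devmem(log_text):
    """Return {host: [lines]} for lines that mention both Xnest and /dev/mem."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected layout
        _, host, msg = m.groups()
        if "xnest" in msg.lower() and "/dev/mem" in msg:
            hits[host].append(line)
    return dict(hits)


def triage(log_text, hosts_with_xnest):
    """Flag hosts that logged the message although Xnest is not installed there.

    hosts_with_xnest is an inventory set supplied by the operator (assumption).
    """
    report = {}
    for host, lines in find_xnest_devmem(log_text).items():
        report[host] = {
            "lines": len(lines),
            "suspicious": host not in hosts_with_xnest,
        }
    return report


def xnest_installed_locally():
    """True if an Xnest binary is on PATH of the machine running this script."""
    return shutil.which("Xnest") is not None


if __name__ == "__main__":
    for host, info in sorted(triage(SAMPLE_LOG, {"hostB"}).items()):
        state = "INVESTIGATE" if info["suspicious"] else "Xnest installed"
        print(f"{host}: {info['lines']} matching line(s) - {state}")
```

A flagged host is only a lead for investigation: as the post notes, it is unknown whether systems showing the message are actually affected.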

Actions taken on the hack and root of kernel.org

The boxes were taken offline, and backups and reinstallations were done. The authorities in Europe
and the United States were also notified to help kernel.org investigate the attack. The code within
git will be analysed to confirm that no file has been injected with the rootkit or trojan.
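
How a file-by-file check of a git repository can work, as an added example that is not part of the original post or kernel.org's own tooling: git names every file by a SHA-1 over its content, and every tree by a hash over those names, so content altered on a server no longer matches the IDs recorded from a trusted clone. The file names and contents below are constructed.

```python
import hashlib


def _object_id(kind: bytes, body: bytes) -> bytes:
    # Git object ID: SHA-1 over "<kind> <size>" + NUL byte + body.
    header = kind + b" " + str(len(body)).encode() + b"\x00"
    return hashlib.sha1(header + body).digest()


def blob_id(content: bytes) -> str:
    """ID git assigns to a file with this exact content."""
    return _object_id(b"blob", content).hex()


def tree_id(files: dict) -> str:
    """ID of a flat directory of regular files (mode 100644), sorted by name."""
    entries = sorted((name.encode(), data) for name, data in files.items())
    body = b"".join(
        b"100644 " + name + b"\x00" + _object_id(b"blob", data)
        for name, data in entries
    )
    return _object_id(b"tree", body).hex()


def audit(trusted_ids: dict, files: dict) -> list:
    """Paths that are altered, added, or missing relative to the trusted IDs."""
    changed = [p for p, data in files.items() if trusted_ids.get(p) != blob_id(data)]
    missing = [p for p in trusted_ids if p not in files]
    return sorted(changed + missing)


# Constructed sample: what a developer's untouched clone contains.
TRUSTED_FILES = {
    "Makefile": b"all:\n\tcc -o demo demo.c\n",
    "demo.c": b"int main(void) { return 0; }\n",
}
TRUSTED_IDS = {path: blob_id(data) for path, data in TRUSTED_FILES.items()}
TRUSTED_TREE = tree_id(TRUSTED_FILES)

# Constructed sample: the same files as found on the server, one of them altered.
SERVER_FILES = dict(TRUSTED_FILES)
SERVER_FILES["demo.c"] = b"int main(void) { return 1; }\n"

if __name__ == "__main__":
    print("altered paths:", audit(TRUSTED_IDS, SERVER_FILES))
    print("tree ID still matches:", tree_id(SERVER_FILES) == TRUSTED_TREE)
```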

My Opinion on this attack incident
I think that there must be a flaw on the server or it may be due to a human flaw, so the server administrators
must be alert and check their logs daily to prevent such an incident from bringing greater damage to the
world, as almost every server in the world uses a Linux-based distro as its server.



