---

Home Developer

Malicious Attacks Plague Linux Kernel Mailing List

By Zack Brown

Linux Today reader Zack Brown (author of the weekly Linux kernel
e-letter Kernel Traffic) sends this report:

Someone has subscribed linux-kernel to many, many
mailing lists. As far as I can tell, the first subscription took
place yesterday (August 17), and was followed by maybe 50 more. The
attack may still be going on as I write this, although Matti Aarnio
and David S. Miller (who run the linux-kernel list) are dealing
with the problem.

The unwanted subscriptions ranged in subject from porn lists to
news summaries to gaming discussion groups. As most of the lists
seemed to come from CNET (at least initially), Dave M sent a
request to the CNET administrator, to remove linux-kernel from all
its lists.

Linux-kernel was still receiving Welcome messages from unwanted
lists this morning; and in response to a query from someone, Dave M
replied, “it’s being taken care off, some PPP user on
*.saturn.bbn.net is going to town today…”

Finally, Dave M told everyone to use
x-linux-kernel@vger.rutgers.edu for their linux-kernel postings for
the next few days until he and Matti A could get the situation
locked down.

At this point (as usually happens when the list has this kind of
crisis) there was a bit of discussion about possible moderation
solutions. Chuck Mead suggested using web forms to post to the list
using a valid email address, and limiting other posting privileges
to subscribers only (the current logic is that anyone should be
able to post to linux-kernel, whether they’re subscribed or not, so
that anyone can submit a bug report without having to
subscribe).

Rik van Riel suggested allowing unmoderated postings from
subscribers, while moderating the postings from nonsubscribers. He
figured most posts came from subscribers, so it wouldn’t be such a
task to moderate the rest.

Jordan Mendelson liked this idea a lot, and suggested having a
second subscriber list for people who wanted to post but not
receive any of the list’s traffic. This way those “partial
subscribers” could bypass the moderators and help ease the task of
moderation.

There were various other suggestions, but Dave M and Matti A
stayed out of the discussion. In spite of similar (and more severe)
attacks in the past, they have always kept the list unmoderated,
and I imagine they will continue with that policy.


Zack Brown, Linuxcare, Inc.
tel: 1-415-354-4878×284, fax: 1-415-701-7457
zbrown@linuxcare.com,
http://www.linuxcare.com/
Linuxcare. At the center of Linux.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.