Linux Today: Linux News On Internet Time.

SourceForge Outlines Nature of Shell Server Compromise

May 31, 2001, 16:42 (8 Talkback[s])
(Other stories by moorman)

SourceForge has posted details on the compromise that led to cracks of several sites, including php.net, apache.org, and themes.org.

"This notice contains official details provided by the SourceForge.net team. On Tuesday, 22 May, 2001, the security was compromised on one of the SourceForge.net project shell servers. Security and data integrity has since been restored and SourceForge.net services are currently online and functioning properly.

This compromise affected one of the SourceForge.net project shell servers. SourceForge.net staff detected this intrusion and promptly took the compromised system offline for further analysis. At that time, notification was provided to end-users that shell services had been taken offline pending completion of an unplanned event.

SourceForge.net firmly supports the use of security-enhancing tools and and proper security practices. All SourceForge.net site users are provided with SSL-protected access to the SourceForge.net site. All users of the project services SourceForge.net provides; including shell services, CVS services, and compile farm services; are required to use the SSH (Secure SHell) cryptographically-enhanced communications suite in using these services."

Complete Story

Related Stories: