Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Internet Security Industry News

Server breach raises Linux code worries

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

August 14, 2003

The GNU Project, which develops many of the components in the Linux operating system, said this week that the system housing its primary download servers has been compromised by an attacker.

The project urged those who have downloaded software from the server since March to check that the source code has not been tampered with. Linux, an open-source operating system that dominates the Web server market, uses the compiler, libraries and other software that was originally developed by the GNU Project. The project warned that the attacker may have inserted malicious code into its software, although it said all the code checked so far appeared to be intact.

In an alert issued Wednesday, computer security response organization CERT Coordination Center warned that the breach could prove to be a serious problem. "Because this system serves as a centralized archive of popular software, the insertion of malicious code into the distributed software is a serious threat," the warning stated. The Free Software Foundation, the GNU Project's overseer, has issued lists of "hashes"--numbers generated by the source code of software known not to have been compromised--that can be used to verify downloaded code. The lists can be found here and here.

The attacker compromised the project's servers to the root level, gaining complete control over the system, according to the GNU Project. The attack was carried out using an exploit that was revealed on March 17, and for which a patch only became available a week later. During that week, the intruder compromised the system and installed a piece of malicious code known as a Trojan horse, according to evidence found on the machine. The Trojan horse stayed in place until it was discovered in the last week of July, the project said. "The modus operandi of the cracker shows that (s)he was interested primarily in using gnuftp to collect passwords and as a launching point to attack other machines," the project said in a statement on its Web site.

The group said it has spent the weeks since the compromise was discovered verifying the integrity of its software. "Most of this work is done, and the remaining work is primarily for files that were uploaded since early 2003, as our backups from that period could also theoretically be compromised," the statement said. The project said it believes no source code was compromised. "The evidence includes the MO of the cracker, the fact that every file we've checked so far isn't compromised, and that searches for standard source Trojans turned up nothing," the group stated.


Save Internet's URL to the list of your favorite web sites
in your Web browser by clicking here.

Back to the top of the page.         
Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet 2003    Terms of use    Privacy agreement    Legal disclaimer