Crackers Strike Gentoo Linux Server, Code Unharmed | eWeek

Crackers Strike Gentoo Linux Server, Code Unharmed

Écrit par
Dennis Fisher
Dennis Fisher
Dec 3, 2003
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

In the latest of what is becoming a string of high-profile attacks on Linux, someone broke into one of the servers used to distribute versions of Gentoo Linux on Tuesday.

Officials at Gentoo Technologies Inc. on Wednesday posted a message in the companys online forums detailing the attack. The executives sought to reassure users and said they dont believe that the code stored on the server was affected by the compromise. The server is owned by a third party, which uses it to perform other tasks in addition to storing the Gentoo code.

The officials said the box is one of several that are part of a rotation of servers used to synchronize and update users versions of Gentoo. The company uses a unique technology known as portage, which allows users to download new packages and updates to the operating system by synchronizing their machines against the current build housed on the Gentoo servers. The company removed the compromised server from the rotation.

/zimages/2/28571.gif

The attack on Gentoo follows closely a similar compromise in late November of a server belonging to the Debian Project, which produces another distribution of Linux. And earlier this fall, someone tried to insert a back door into the Linux kernel itself, although that attempt was stopped.

/zimages/2/28571.gifTo read more about the Debian attack,click here.

Gentoo officials said that the compromised server has both an intrusion detection system and a file-integrity checker installed on it.

“We have a very detailed forensic trail of what happened once the box was breached, so we are reasonably confident that the portage tree stored on that box was unaffected,” the company said in its message to users.

The attacker apparently installed a rootkit on the server and then deleted a few files to cover his tracks.

Discuss This in the eWEEK Forum

/zimages/2/28571.gif

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.