Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Development
    • Networking
    • Servers

    Fedora Site Hacked, but Servers, Code Undamaged

    By
    Fahmida Y. Rashid
    -
    January 26, 2011
    Share
    Facebook
    Twitter
    Linkedin

      An attacker attempted to compromise the servers for the Fedora Project, the community version of the Red Hat Enterprise Linux, but didn’t damage any servers or code, according to an e-mail sent to the Fedora mailing list on Jan. 25.

      In the message, titled “A security incident on Fedora infrastructure,” Fedora Project leader Jared Smith disclosed that a Fedora contributor’s log-in and password credentials were stolen and used to access the systems on Jan. 22.

      The account belonged to a contributor who had access to push code packages in the Fedora SCM, to perform builds and to make updates to Fedora packages, according to Smith. The contributor was not a member of any sysadmin or Release Engineering groups and had only limited privileges on fedorapeople.org, he wrote.

      The Fedora Infrastructure Team investigated the incident, and was able to conclude that the attacker did not push any changes to the Fedora SCM, access the project repositories at pkgs.fedoraproject.org, perform any builds or push out any package updates, according to Smith. “We do not believe that any Fedora packages or other Fedora contributor accounts were affected,” and there is “no evidence” that the compromise “extended beyond this single account,” he wrote.

      What the attacker did manage to do was to change the value of the SSH key saved in the Fedora Accounts System and log in to fedorapeople.org, Smith said. The breach was discovered because the original account user received an e-mail from Fedora Account System indicating some account details had been changed. As soon as the Infrastructure Team was notified, the compromised account was locked down and a thorough audit of the logs was conducted to track all attacker activity, Smith wrote. The Infrastructure Team took snapshots of all the filesystems the account had access to and compared it with previous snapshots to ensure no changes had been made.

      With the compromise of fedorapeople.org, the attacker could have pushed changes to Fedora’s SCM system, but Smith said it wasn’t likely. He still encouraged Fedora package maintainers to report anything they considered suspicious.

      The account information was “compromised externally,” and the “Fedora Infrastructure was not subject to any code vulnerability or exploit,” Smith wrote. He reminded contributors of the importance of choosing a strong password and to not reuse their Fedora password on other Websites or accounts.

      This is the third attack on an open-source project in the past few weeks. In December, the main source code repository for the Free Software Foundation was shut down after attackers compromised the site’s account passwords. Also in December, attackers hacked ProFTPD servers via an unpatched vulnerability in the application. For three days, anyone downloading the open-source file transfer application received an infected version that provided attackers with unauthorized access to their systems.

      Apache was hit twice in 2010, and Fedora was compromised once before in 2008. In that incident, both Fedora and Red Hat servers were “illegally accessed,” according to a note by Fedora Project Leader Paul Frields at the time. But again, attackers did not have any impact on Fedora Linux or related packages. After the compromise, both Red Hat and Fedora reissued security keys and improved security practices, even though it meant delaying Fedora product releases.

      Avatar
      Fahmida Y. Rashid

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×