Linux security expert defends Debian
Debian Project leaders did a good job before and after a breach that took down their servers Nov. 21 said Jay Beale, lead developer on the Bastille Linux project and a consultant at JJB Security Consulting & Training.
Administrators at the 10-year-old open source project (Debian is an operating system using the Linux kernel and is popular among Linux enthusiasts) took down four of its servers handling Web searches, bug tracking, mailing lists and security updates after a cracker -- a hacker that conducts illegal activities -- gained root level access on those machines. The administrators were able to get most of the services up and running three days later on mirrored sites (define) while running some forensic analysis on the compromised machines.
Beale told internetnews.com it's impossible to secure any server connected to the Internet, and it's even more difficult for an open source project like Debian, which has a large group of developers accessing the servers. The steps Debian project administrators took before the breach helped slow down the damage the attacker was able to cause before detection.
[ Read more ]
- News: Crackers strike Gentoo Linux server, code unharmed (4 December 2003)
- News: Linux users: are you at risk from kernel exploit? (3 December 2003)
- News: Kernel exploit cause of Debian compromise (2 December 2003)
- News: Debian attacker may have used new exploit (1 December 2003)
- News: Debian Project machines have been compromised (22 November 2003)
- Review: HackNotes Linux and Unix Security Portable Reference (24 October 2003)