Linux security expert defends Debian

Thursday, 4 December 2003, 11:47 AM EST

Debian Project leaders did a good job before and after a breach that took down their servers Nov. 21 said Jay Beale, lead developer on the Bastille Linux project and a consultant at JJB Security Consulting & Training.

Administrators at the 10-year-old open source project (Debian is an operating system using the Linux kernel and is popular among Linux enthusiasts) took down four of its servers handling Web searches, bug tracking, mailing lists and security updates after a cracker -- a hacker that conducts illegal activities -- gained root level access on those machines. The administrators were able to get most of the services up and running three days later on mirrored sites (define) while running some forensic analysis on the compromised machines.

Beale told it's impossible to secure any server connected to the Internet, and it's even more difficult for an open source project like Debian, which has a large group of developers accessing the servers. The steps Debian project administrators took before the breach helped slow down the damage the attacker was able to cause before detection.

[ Read more ]

Related items


New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Dec 22nd