Linux Group's Servers Hacked

PCWorld.com ^ | Monday, November 24, 2003 | Paul Roberts

[Bush2000]

BWAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!!

[TomServo]

oops!

[Yeti]

Tee hee.

Isn't Debian supposed to be the "super secure" flavor of Linux?

[xrp]

Well, someone got root!

[agarrett]

  Oh, I see. Hacking is only wrong, illegal, etc. when it is done to some one you like.

  Otherwise it's a source for glee.

Drew Garrett

[Swordmaker]

Excuse me, but Linux is not FreeBSD Unix... which is now far beyond 3.4. FreeBSD UNIX is now 5.1...

[xrp]

uhh, wtf you talking about? OpenBSD is on 3.4, FreeBSD is on 5.1.

I know the difference between Linux and *BSD.

[Ramius]

Oh, I see. Hacking is only wrong, illegal, etc. when it is done to some one you like.

Otherwise it's a source for glee.

Well, yeah. That's about the size of it. :-)

OK... In fact I find no joy in this. Of course not. But I don't have a bug up an orifice about my favorite OS either. I can see how some would indulge in a little righteous indignation, however. Good for the goose, et al.

[RedBloodedAmerican]

But...but...

[sigSEGV]

And how many times has an internal Microsoft server been hacked? And how would we know? How would they know? Do they have such a rigorous source code signing procedure?

[Poser]

Today's Linux Follies

I got my 1.3ghz $199 Walmart white box today. I took a 128mb module out of my PII 300 and added it to the 128mb that was already installed. Booted it up and it worked nicely with Knoppix CD Linux. The 52x CD made it run considerably faster than the old machine with the 24x unit.

I popped in Redhat 9.x and did a full install. It took about 35 minutes. No hitches. All of the hardware, mostly standard were easily recognized and I had to read the back of my monitor to pick it off the list. There was a complete selection of Optiplex monitors in the list including my 773-2. I tried a few of the built in applications. They could have been faster, but they were acceptable.

I had to give a makeup accounting exam so I left it running for 3 hours. Result: Still running when I came back. It would have frozen up on the PII 300.

I spent another two hours trying to get the network printer to work with no success. I gave up on the printer.

Next, I installed a floppy drive and an internal Zip 100. I didn't have time to figure out how to access them. It was not intuitive on the desktop and the file manager didn't give me any hints. I'm going to have to dig through the manuals to learn how to use anything but the my home folder on the hard drive. That is not good. If I have to read the manual, my students will never figure it out. It is possible that the floppy drive and the disk drive aren't installed properly and will arrive on my desktop when they are configured right, but I wouldn't have to do that in Windows.

Latest evaluation:

• Much better speed - acceptable as desktop environment
• Easy installation of basic operating system
• Peripheral installation is anything but simple
• Network printers are hell to install
• File manager needs improvement
• Games are far superior to Microsoft products
• The Redhat manuals are not very helpful for anything beyond elementary problems

More to come. I'm going to go on perma-hold and call the Redhat support line. It's good until December 13th and dammit, they are going to get my network printer working or send me a refund (fat chance of that).

[Noumenon]

Nothing's 100% secure. All it takes is one little slip-up, one failure to apply a patch, and you'll get a rootkit or two setting up housekeeping on your system. Teh variety of vulnerability scanner tools is nothing short of breathtaking.

[xrp]

I got my 1.3ghz $199 Walmart white box today. I took a 128mb module out of my PII 300 and added it to the 128mb that was already installed.

How could your P2/300 memory work in a brand new computer system? Wouldn't that P2/300 memory be 100Mhz SDRAM?

[Poser]

168 Pin 100mhz. The new computer had 133mhz. I was skeptical, but it seems to work nicely. We'll see. I have a 64mb 133mhz chip if if stops working. If I start getting memory errors, I'll change it.

[xrp]

Heh...most true new computers have PC2700 SDRAM or faster ;-)

[Poser]

My other option is to install the other 128mb of 100mhz RAM to match the slower one and see how that works. I think it is a 133 buss however. I may be in for chip timing problems.

[farmfriend]

Your area I believe.

[dwollmann]

Isn't Debian supposed to be the "super secure" flavor of Linux?

No. You're thinking of OpenBSD, which is a BSD, not Linux. Debian's probably most widely recognized for being stable and easy to maintain, but not very "sexy" for the desktop.

[justlurking]

Isn't Debian supposed to be the "super secure" flavor of Linux?

No, Debian is the "stable" version of Linux. I believe they are still on the 2.2 version of the kernel.

Looks like another case of someone not keeping up with security patches.