Debian server compromise

Posted by Steve on Wed 12 Jul 2006 at 19:14

Several people have asked for information about the unavailability of one of the Debian project's main servers, gluck. This machine has been taken offline because it was compromised.

This is not the first time that a machine has been compromised; the last time was in November 2003. That compromise was detected by a filesystem integrity checker. Right now we don't know how this intrusion was detected.

So far the details available are pretty brief, as you can see in the following announcement message:

Hopefully more details will be made available after the cleanup, as promised in the message. The last compromise was the result of a sniffed password and a previously unknown vulnerability in the GNU/Linux kernel - I hope this time there isn't another zero-day floating around.

In the meantime the following services are disabled/unavailable:

More updates as they happen.


This article can be found online at the Debian Administration website at the following bookmarkable URL:

This article is copyright 2006 Steve - please ask for permission to republish or translate.