Thread beginning with comment 327944
RE: Not entirely accurate
by TechGeek on Tue 26th Aug 2008 14:59
in reply to "Not entirely accurate"
RE[2]: Not entirely accurate
by flanque on Tue 26th Aug 2008 22:10
in reply to "RE: Not entirely accurate"
Actually, there were two separate attacks (although probably related) on the Red Hat and Fedora infrastructure servers. The Red Hat attacker was able to sign some OpenSSH packages. My impression is that the intrusion was detected before the packages were pushed to users. But they did not compromise the private key since it is in a hardware device.
The Fedora attacker was not able to sign any packages but did potentially compromise the signing key so they generated a new one. In both cases, they shut down the update service until everything was fixed. They also forced all the Fedora contributors to generate new certificates and upload new SSH keys.

Their package signing key was compromised and the intruders managed to get some OpenSSH packages signed. Combined with DNS poisoning this could be nasty.
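A check in the spirit of the key rotation the thread describes, as an added example that is not code from the thread or from Red Hat/Fedora: given the per-package signature lines rpm can print, flag any installed package still signed by the retired key, signed by an unknown key, or not signed at all. The key IDs and package names are constructed placeholders, and the rpm query format used to produce the input is an assumption.

```shell
#!/bin/sh
# Added example, not from the thread or from Red Hat/Fedora.
# After a signing key is rotated, every installed package should trace back to
# a key that is still trusted. Feed this the lines produced by (assumed format)
#   rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE} %{SIGPGP:pgpsig}\n'
# (one package per line; unsigned packages show "(none)"; use the DSA/RSA
# signature tag matching how your distribution signs).

# Key IDs still trusted after rotation. Placeholder values, NOT the real
# Fedora or Red Hat key IDs (assumption: one current key remains trusted).
TRUSTED_KEYIDS="cafe000000000001"
# The key believed compromised and since retired (placeholder).
REVOKED_KEYID="dead000000000002"

# audit_rpm_sigs: read rpm lines on stdin, print one finding per problem
# package; prints nothing when every package was signed by a trusted key.
# This complements `rpm -K` (which checks the signature is valid) by checking
# WHICH key made it, the question that matters after a key compromise.
audit_rpm_sigs() {
    awk -v trusted="$TRUSTED_KEYIDS" -v revoked="$REVOKED_KEYID" '
    BEGIN { n = split(trusted, t, " "); for (i = 1; i <= n; i++) ok[tolower(t[i])] = 1 }
    {
        pkg = $1
        if ($2 == "(none)") { print "UNSIGNED " pkg; next }
        keyid = tolower($NF)              # "Key ID <hex>" is the last field
        if (keyid == tolower(revoked)) { print "REVOKED-KEY " pkg " " keyid; next }
        if (!(keyid in ok))            { print "UNKNOWN-KEY " pkg " " keyid; next }
    }'
}

# Constructed sample of rpm output: one package still carrying the retired
# key, one signed with the current key, one local unsigned package.
SAMPLE='openssh-0.0-1.example RSA/SHA1, Tue 26 Aug 2008 14:59:00 UTC, Key ID dead000000000002
bash-0.0-1.example RSA/SHA1, Mon 25 Aug 2008 10:00:00 UTC, Key ID cafe000000000001
localtool-1.0-1 (none)'

printf '%s\n' "$SAMPLE" | audit_rpm_sigs
```

On a real host, pipe the live rpm query into `audit_rpm_sigs` instead of `SAMPLE`; any REVOKED-KEY line is a package that should be re-fetched and re-verified against the new key.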