[Pdns-announce] PowerDNS distribution server has been hacked - beware
bert hubert
ahu at ds9a.nl
Sat Aug 2 12:40:50 UTC 2003
Dear users,
Please be aware that one of the servers containing the PowerDNS sources has
been compromised (ie, hacked).
I'm currently figuring out what if anything has been touched. I've done a
lot to prevent this from ever happening again BUT I must urge you not to
trust anything you've downloaded lately from:
ds9a.nl
powerdns.org
lartc.org
The hack was most likely performed via a local user - the kernel I ran with
had local vulnerabilities.
Will keep you posted about further updates.
Lessons learned:
chmod a-w /dev/kmem
don't run with local users
update your kernel frequently
We had an impressive uptime of 440 days or so, which I was so proud of I did
not want to reboot. See where it got me.
Thanks.
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
More information about the Pdns-announce
mailing list