
Hackers hit computer giants (CNN)

CNN reports that "hackers" have cracked into computers at Stanford University, the San Diego Supercomputer Center, the University of Illinois' National Center for Supercomputing Applications and other supercomputing facilities. Systems running Linux and Solaris have been compromised. "Hackers used insecure machines to gain root privileges, which let them make the kinds of changes normally reserved for authorized administrators. But even computers with the latest patches were used to run password-decoding software after hackers logged on using a compromised account, according to the Stanford bulletin."

Hackers hit computer giants (CNN)

Posted Apr 16, 2004 1:09 UTC (Fri) by bdw (guest, #16047) [Link]

Moral of the story: Always keep up with security alerts and apply the updates!

--Brian

Hackers hit computer giants (CNN)

Posted Apr 16, 2004 11:03 UTC (Fri) by ballombe (subscriber, #9523) [Link]

Moral of the story: run preemptive weak password detection.

User accounts with weak passwords are the biggest security problem in any large site, especially for universities where researchers and students do not feel they have data to protect.

Hackers hit computer giants (CNN)

Posted Apr 16, 2004 16:09 UTC (Fri) by bdw (guest, #16047) [Link]

I agree, 100%.

I had forgotten about that. *blush*

That and doing your security updates.

Hackers hit computer giants (CNN)

Posted Apr 16, 2004 5:05 UTC (Fri) by horen (subscriber, #2514) [Link]

Having spent six years working at a large Israeli university computation center, administrating (among other things) an IBM SP2 and a 32-node Beowulf cluster, I can tell you this: academicians -- professors (full, assistant, adjunct, w/e) and the like -- are the worst offenders when it comes to passwords and password-security.

Israelis, Americans, Russians, and the rest -- it makes no difference from where they come or what their academic discipline -- are uniformly ignorant and apathetic with regard to "locking the barn door" before the fox gets into the henhouse (forgive my intentional mixing-of-metaphors).

Updating system software is easy and can be made automatic, but it is irrelevant when users flagrantly disregard basic user-level security. I am so looking forward to Fedora Core 2, with its SELinux enhancements.

Hackers hit computer giants (CNN)

Posted Apr 16, 2004 7:03 UTC (Fri) by frankie (subscriber, #13593) [Link]

Add also that many supercomputing facilities run obsolete Linux distributions with no security support. Currently all non-enterprise releases of RH Linux, e.g. And so often kernel issues require competent administrators to patch very old versions which cannot be changed on those machines.
Any Beowulf clusters should run off the Internet. Point. Supporting security on those beasts is a pain in the ass.

Hackers hit computer giants (CNN)

Posted Apr 22, 2004 3:38 UTC (Thu) by JoeBuck (subscriber, #2330) [Link]

There are two different sources of security support for old Red Hat Linux releases: Fedora Legacy and Progeny.

Hackers hit computer giants (CNN)

Posted Apr 16, 2004 8:10 UTC (Fri) by janpla (guest, #11093) [Link]

Being a Linux enthusiast myself, I must say that, painful as it is, we should actually be happy about this, sort of. We are never going to be in top-notch security-wise if we are not kept in training, and until now we have led a fairly lazy life-style. We have to get through a phase where we are regularly confronted with our shortcomings, and we might as well get started now.

Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds