mpd

Sourceforge.net attack

Jan 29, 2011 11:23


Posted on Thursday, January 27th, 2011 by admin
Category: General
http://sourceforge.net/blog/sourceforge-net-attack/

Yesterday our vigilant operations guys detected a targeted attack against some of our developer infrastructure.
The attack resulted in an exploit of several SourceForge.net servers, and we have proactively shut down a handful of developer-centric services to safeguard data and protect the majority of our services.

Our immediate priorities are to prevent further exposure and ensure data integrity.
We’ve had all hands on deck working on identifying the exploit vector or vectors, eliminating them, and are now focusing on verifying data integrity and restoring the impacted services.
The problem was initially discovered on the servers that host CVS but our analysis indicates that several other machines were involved, and while we believe we’ve determined the extent of the attack, we are verifying all of our other services and data.

As a short-term response, we’ve taken down the following services to prevent any possible escalation:
  • CVS Hosting
  • ViewVC (web-based code browsing)
  • New Release upload capability
  • Interactive Shell services
Once the immediate response to this attack is over, we will be providing a much more detailed account of what’s happened, and what specific actions we are taking to prevent further exploits.

Date: Sat, 29 Jan 2011 04:31:02 +0000
From: "SourceForge.net Team"
Subject: SourceForge.net passwords reset

Hello,

We recently experienced a directed attack on SourceForge infrastructure (http://sourceforge.net/blog/sourceforge-net-attack/) and so we are resetting all passwords in the sf.net database -- just in case.
We're e-mailing all sf.net registered account holders to let you know about this change to your account.

Our investigation uncovered evidence of password sniffing attempts.
We have no evidence to suggest that your password has been compromised.
But, what we definitely don't want is to find out in 2 months that passwords were compromised and we didn't take action.

So, as a proactive measure we've invalidated your SourceForge.net account password.
To access the site again, you'll need to go through the email recovery process and choose a shiny new password:

https://sourceforge.net/account/registration/recover.php

If you need help with this, feel free to e-mail us:

sfnet_ops@geek.net

We appreciate your patience with us as we work to respond to this attack.
We'll be working through the weekend to get things back to normal as quickly as possible.

Watch for updates on the service outages on our blog:

http://sourceforge.net/blog/

Thank you,

The SourceForge Team

----------------------------------------------------------------------
SourceForge.net has made this mailing to you as a registered user of the SourceForge.net site to convey important information regarding your SourceForge.net account or your use of SourceForge.net services.

We make a small number of directed mailings to registered users each year regarding their account or data, to help preserve the security of their account or prevent loss of data or service access.

If you have concerns about this mailing please contact our Support team per: http://sourceforge.net/support

quotes, freesoftware, vcs, security
