Open Source Productivity Solutions >>
Welcome | Log In
Security

Canonical Resorts to Tough Love Over Server Outage

Print Version
E-Mail Article
Reprints

By Nancy Cohen
LinuxInsider
08/20/07 1:05 PM PT

Ubuntu, a Debian-based Linux distribution, had to shut down more than half of its community servers recently because they appeared to have been commandeered by hackers, who could then launch attacks. According to Ubuntu community accounts, the members first learned that one of the machines had been compromised and was being used to try to hack other machines.


Entering European Markets: A Challenging but Real Opportunity
Although the U.S. has a large Internet population, 79 percent of all Web users are now outside the U.S. Online retailers have viable options for entering into international expansion mode, particularly with respect to European markets. [Download PDF: 6 pgs | 686k]

Canonical, the commercial sponsor of the Linux Linux MPS Pro - Focus on Your Business - Not Your IT Infrastructure. $599.95/month. Click to learn more. distribution Ubuntu, asserted there has to be some decisive Ubuntu community action to make sure it doesn't suffer another outage.

Canonical had to shut down five of eight servers in order to avert potential hacker Take the FREE Motorola AirDefense WLAN Security Assessment. Click here. Latest News about hacker attacks earlier this month.

"Either their servers come into the Canonical Data Center and are managed with the same rigor as all other servers, or they opt out of the Canonical Data Center and are managed independently," Gerry Carr, Canonical's marketing manager, told LinuxInsider.

No More Ambiguity

"This removes any ambiguity in their status and will prevent this type of incident happening again," Carr said.

Ubuntu, a Debian-based Linux distribution, had to shut down more than half of its community servers recently because they appeared to have been commandeered by hackers, who could then launch attacks.

According to Ubuntu community accounts, the members first learned that one of the machines had been compromised and was being used to try to hack other machines. Then, it was discovered that five of the eight machines had been compromised. The machines were promptly shut down.

Missing Patches

There was no big surprise about their vulnerability, however. Servers in question were running out-of-date software and were missing security patches.

Canonical on Monday also commented on the server outage in a definitive way to quell any jitters among Ubuntu users. "Any work with our partners or customers was and is completely unaffected, as is anything core to the Ubuntu project, including all downloads of every flavor of Ubuntu," Carr told LinuxInsider.

The servers in question were for community functions such as blogs and local documentation, and not for downloadable software. Nonetheless, Canonical apparently was not amused.

A Lack of TLC

"The servers affected were local community servers, that is servers used by the Ubuntu community for individual projects, local Web sites, and, as we see, a number of their own software projects," Carr said. "These were managed by a combination of Canonical and community members, and frankly, this arrangement did not work."

Core production servers get the security TLC from Canonical. The incidents, said Carr, involved "a separate discrete set of servers housed in separate facility on a different network and managed differently."

To err is, well, Ubuntu. Roughly translated, it means humanness. Figuring out a well-managed construct for all Ubuntu servers, at least for Canonical, will be divine.

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Nancy Cohen   RSS

Related News Alerts

Hacker Activate Alert | Search Archives

Related Resources

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Podcasts
> This Week on ECT News Network | Archives
> WiFi Hotspot Locator
Latest Reviews
> [More...]
LinuxInsider
E-Commerce Times
TechNewsWorld
MacNewsWorld
CRM Buyer
Must Read
> [More...]
LinuxInsider Sponsored Links
Think your data is safe?
Think again. It's time to Outthink the Threat. Get eBook now.
Is Your Wireless LAN Deployment at Risk?
Take the FREE Motorola AirDefense WLAN Security Assessment
Akamai Web 2.0 White Paper
Web 2.0 is Here – Is Your Infrastructure Ready? Maximize the value of your interactive site.
Enterprise IT Vendor Directory
Research and qualify your enterprise IT and business solutions. Take advantage of the most comprehensive vendor directory available today.
  WiFi Hotspot Locator
City or Zip/Postal Code:
Country/Region:
ECT News Network Information
Locate Products and Services
Corporate
Reader Services
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2008 ECT News Network, Inc. All Rights Reserved.