Gnome.org hacked

[Peachy]

Hmm,this is suspicious: http://mail.gnome.org/archives/gnome-annou...h/msg00113.html

[Neil P]

Not saying its not possible, just wondering:How do you "discover evidence of an intrusion"? I'm just wondering the process by which intrusions are detected.On topic, it seems like a good thing that the servers have been left intact...supposedly.

[havnblast]

The wonderful things called Log Files

[nlinecomputers]

Not saying its not possible, just wondering:How do you "discover evidence of an intrusion"? I'm just wondering the process by which intrusions are detected.On topic, it seems like a good thing that the servers have been left intact...supposedly.

Lots of ways.Logfiles. Tripwire. Changes in the system.(Hey which one of you guys changed the password for root? And who added the user biteme?)When debian got hacked into the first thing they noticed was the server started sending Kernel OOPS error messages. When a sever starts OOPS something serious is wrong. They started looking at logs to see if they had a hard drive failure and noticed a lot of activity on unused ports.

[Jeber]

From Planet Gnome:

As a result of the recent web server intrusion, the release team has chosen to delay the announcement of GNOME 2.6 until March 31st.While we have determined that none of our released sources were affected, we are showing due caution by giving the sysadmin team plenty of time to finish their investigation and restore critical services. Apologies for the delay, especially for all our friends around the world who have organised GNOME 2.6 release parties!