:: Re: [DNG] Ashley Madison hack
Etusivu
Poista viesti
Vastaa
Lähettäjä: shraptor
Päiväys:  
Vastaanottaja: dng
Aihe: Re: [DNG] Ashley Madison hack
I thought the most common attack on linux servers
were still SSH bruteforce?


On 2015-07-22 03:16, Robert Storey wrote:
> This might seem an unusual topic, but I think it has relevance to this
> list.
>
> Probably, most of you by now have heard that the adultery web site,
> Ashley Madison (http://www.ashleymadison.com [1]) has been hacked by
> some group that is demanding the site shut down.
>
> I don't really know much about Ashley Madison, and I assure you that I
> am not one of their customers. From what I now gather, it's a
> pay-for-play adultery web site, famous for hitting your web browser
> with annoying popouts.
>
> The relevancy to us here in Devuanland: I did a search on Netcraft,
> and it seems that the site runs on Linux, and uses Nginx as a web
> server. Some of the older servers report Red Hat as their OS, but the
> newer servers just say "Linux." I can't find out anything about which
> distro, and whether or not they are running systemd.
>
> Anyway, security is a big issue for me, as it is for all system
> administrators. So I'm kind of curious as to how the hack happened. A
> google search didn't turn up any useful info about this.
>
> My understanding is that to hack a web server, you exploit security
> holes in either the OS, or the web server software (Nginx, Apache,
> etc), or the scripting language (usually php). I confess that I'm not
> an expert. My interest in this Ashley Madison hack is that I think
> systemd has all the potential to create vast new security holes that
> would be very difficult to understand. If so, we could be seeing a lot
> more of this.
>
> I can't say much more, because I have no solid info. Just wondering if
> anyone has heard anything reliable about how the exploit was carried
> out. And whether or not systemd could have aided and abetted the
> process.
>
> cheers,
> Robert
>
>
>
> Links:
> ------
> [1] http://www.ashleymadison.com
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng