[oclug] Debian 2.1 iso images for packages where on the net is it?
Matthew Wilcox
willy at debian.org
Mon Nov 24 07:44:53 EST 2003
On Sat, Nov 22, 2003 at 08:45:16AM -0500, Raymond Wood wrote:
> While I have seen an official announcement yesterday about this,
> I haven't seen an official *explanation* of what happened.
> Unofficially, some people around seem to be suggesting that a
> cracker got ahold of one of the Debian developers account
> password and went on from there.
There is no official explanation yet; forensics take some time to do
[1] but there's some official detail at http://www.wiggy.net/debian/
[1] doing forensics while services are still down is tricky; do you want
bugs.debian.org back or do you want to know what happened? obviously you
need to do enough forensics to be sure the BTS wasn't the attack vector,
but once you know that where should you direct your efforts
--
"It's not Hollywood. War is real, war is primarily not about defeat or
victory, it is about death. I've seen thousands and thousands of dead bodies.
Do you think I want to have an academic debate on this subject?" -- Robert Fisk
More information about the OCLUG
mailing list