Page 1 of 5

linuxaudio.org compromised - 2018-01-29

Posted: Wed Jan 31, 2018 11:30 am
by autostatic
Dear all,

January 29th the linuxaudio.org was compromised. Someone managed to pull in a privilege escalation exploit, probably through a reverse shell and got root. This was discovered by the Virginia Tech IT department and they cut the server off from the network. Their policy dictates that compromised servers have to be wiped and reinstalled. Because we didn't have an option to try cleaning up things we have to build everything up from scratch again. Since it's a very small team that keeps this server up (basically 2 persons including myself) rebuilding is going to take some time. Data loss should be minimal as we have backups. So please bear with us, I will keep you posted on the progress.

Best,

Jeremy

Re: linuxaudio.org compromised - 2018-01-29

Posted: Wed Jan 31, 2018 2:14 pm
by finotti
Thanks for the information and all your work maintaining (and now fixing) this great resource to the community!

Re: linuxaudio.org compromised - 2018-01-29

Posted: Wed Jan 31, 2018 3:44 pm
by ssj71
Huge thanks for your generous work to keep it maintained! I certainly miss it already (I check the planet daily), but however long it takes I appreciate you offering your skills to the community.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Wed Jan 31, 2018 10:15 pm
by TheAxeMan
Yes, thank you for your service!

Just when I was looking for some info... Your content has helped me greatly in switching from Windows to Linux with my little "home studio".

Re: linuxaudio.org compromised - 2018-01-29

Posted: Thu Feb 01, 2018 3:39 pm
by folderol
I'm seriously impressed Jeremy!
I knew it was a small operation, but didn't realise it was that small.

Thanks for all your work.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Thu Feb 01, 2018 5:19 pm
by autostatic
Thanks everybody for the kind words! Current status is that the hack is being investigated and that some static sites are responding again. But no clear indication of how things will progress. We' not sitting still though, in the meanwhile we're thinking about what other options we have and we might start preparing for a plan B.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Fri Feb 02, 2018 5:10 pm
by autostatic
I'd like to point out that information in this thread on the outage of linuxaudio.org is leading. So please refrain from speculating, thanks in advance!

Current status is that we have access to the current server again so we can start recovering data. Hopefully we can make some good progress this weekend. Priorities are mail and LAC2018 submissions. Then Libremusicproductions.com and kxstudio.linuxaudio.org (including the repo's). More to come so keep an eye on this thread!

And if there are any questions, PM me on IRC or send me a mail.

Jeremy

Re: linuxaudio.org compromised - 2018-01-29

Posted: Fri Feb 02, 2018 6:29 pm
by jCandlish
Thanks for your hard work, and sorry about your weekend.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Fri Feb 02, 2018 7:55 pm
by raffguitar++
Aaahh, so that's why LMP is down! (One of my all time favorite sites). Just recently told a friend who is new to Linux about it, figures :roll:

Anyway, very sorry to hear about this incident. And thank you very much for all of your hard work! I will stay tuned and check in now and then.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Fri Feb 02, 2018 8:14 pm
by gennargiu
Many thanks for your works and best regards :wink:

gennaro

Re: linuxaudio.org compromised - 2018-01-29

Posted: Sat Feb 03, 2018 12:12 am
by SLCBagpiper
Thanks for all of your hard work.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Sat Feb 03, 2018 12:16 am
by GraysonPeddie
I am CompTIA A+ certified, but not Linux+ certified despite having lots of experience with Linux at home. It would be nice if I could be of help, but I'm from Florida. I took the exams at World Services for the Blind and got a 795 for CompTIA A+ 220-901 and 803 for A+ 220-902.

Anyway, I hope all the Linux Musician-related websites will be up and fully operational soon.

Re: linuxaudio.org compromised - 2018-01-29

Posted: Sat Feb 03, 2018 8:49 am
by Drazen
Thanks for your hard work.
Best
Drazen

Re: linuxaudio.org compromised - 2018-01-29

Posted: Sat Feb 03, 2018 8:56 am
by elerale
Hello,

Thanks for everything !

Cheers
Erwan

Re: linuxaudio.org compromised - 2018-01-29

Posted: Sat Feb 03, 2018 2:28 pm
by greenpete
It's great to finally find out what's happened and I really feel for the admins that have to clear up this mess.

I'd also like to thank all people involved in the linuxaudio.org network as I have benefited greatly from their efforts.

I would also like to offer any help or support should there be anything an unknown like myself can do. Maybe donate to help get something like a backup server running?

I have been wondering why there's nothing on the website now it's back up or on the LinuxAudio twitter feed about this? ( https://twitter.com/linuxaudio )

Thanks again and good luck with getting this fixed as painlessly as possible. :-)