linuxaudio.org compromised - 2018-01-29
Moderators: MattKingUSA, khz
- autostatic
- Established Member
- Posts: 1994
- Joined: Wed Dec 09, 2009 5:26 pm
- Location: Beverwijk, The Netherlands
- Has thanked: 32 times
- Been thanked: 104 times
- Contact:
linuxaudio.org compromised - 2018-01-29
Dear all,
January 29th the linuxaudio.org was compromised. Someone managed to pull in a privilege escalation exploit, probably through a reverse shell and got root. This was discovered by the Virginia Tech IT department and they cut the server off from the network. Their policy dictates that compromised servers have to be wiped and reinstalled. Because we didn't have an option to try cleaning up things we have to build everything up from scratch again. Since it's a very small team that keeps this server up (basically 2 persons including myself) rebuilding is going to take some time. Data loss should be minimal as we have backups. So please bear with us, I will keep you posted on the progress.
Best,
Jeremy
January 29th the linuxaudio.org was compromised. Someone managed to pull in a privilege escalation exploit, probably through a reverse shell and got root. This was discovered by the Virginia Tech IT department and they cut the server off from the network. Their policy dictates that compromised servers have to be wiped and reinstalled. Because we didn't have an option to try cleaning up things we have to build everything up from scratch again. Since it's a very small team that keeps this server up (basically 2 persons including myself) rebuilding is going to take some time. Data loss should be minimal as we have backups. So please bear with us, I will keep you posted on the progress.
Best,
Jeremy
Re: linuxaudio.org compromised - 2018-01-29
Huge thanks for your generous work to keep it maintained! I certainly miss it already (I check the planet daily), but however long it takes I appreciate you offering your skills to the community.
_ssj71
music: https://soundcloud.com/ssj71
My plugins are Infamous! http://ssj71.github.io/infamousPlugins
I just want to get back to making music!
music: https://soundcloud.com/ssj71
My plugins are Infamous! http://ssj71.github.io/infamousPlugins
I just want to get back to making music!
Re: linuxaudio.org compromised - 2018-01-29
Yes, thank you for your service!
Just when I was looking for some info... Your content has helped me greatly in switching from Windows to Linux with my little "home studio".
Just when I was looking for some info... Your content has helped me greatly in switching from Windows to Linux with my little "home studio".
-
- Established Member
- Posts: 2083
- Joined: Mon Sep 28, 2015 8:06 pm
- Location: Here, of course!
- Has thanked: 232 times
- Been thanked: 400 times
- Contact:
Re: linuxaudio.org compromised - 2018-01-29
I'm seriously impressed Jeremy!
I knew it was a small operation, but didn't realise it was that small.
Thanks for all your work.
I knew it was a small operation, but didn't realise it was that small.
Thanks for all your work.
The Yoshimi guy {apparently now an 'elderly'}
- autostatic
- Established Member
- Posts: 1994
- Joined: Wed Dec 09, 2009 5:26 pm
- Location: Beverwijk, The Netherlands
- Has thanked: 32 times
- Been thanked: 104 times
- Contact:
Re: linuxaudio.org compromised - 2018-01-29
Thanks everybody for the kind words! Current status is that the hack is being investigated and that some static sites are responding again. But no clear indication of how things will progress. We' not sitting still though, in the meanwhile we're thinking about what other options we have and we might start preparing for a plan B.
- autostatic
- Established Member
- Posts: 1994
- Joined: Wed Dec 09, 2009 5:26 pm
- Location: Beverwijk, The Netherlands
- Has thanked: 32 times
- Been thanked: 104 times
- Contact:
Re: linuxaudio.org compromised - 2018-01-29
I'd like to point out that information in this thread on the outage of linuxaudio.org is leading. So please refrain from speculating, thanks in advance!
Current status is that we have access to the current server again so we can start recovering data. Hopefully we can make some good progress this weekend. Priorities are mail and LAC2018 submissions. Then Libremusicproductions.com and kxstudio.linuxaudio.org (including the repo's). More to come so keep an eye on this thread!
And if there are any questions, PM me on IRC or send me a mail.
Jeremy
Current status is that we have access to the current server again so we can start recovering data. Hopefully we can make some good progress this weekend. Priorities are mail and LAC2018 submissions. Then Libremusicproductions.com and kxstudio.linuxaudio.org (including the repo's). More to come so keep an eye on this thread!
And if there are any questions, PM me on IRC or send me a mail.
Jeremy
-
- Established Member
- Posts: 4
- Joined: Mon Jun 20, 2016 8:17 pm
- Location: Switzerland
- Been thanked: 1 time
Re: linuxaudio.org compromised - 2018-01-29
Thanks for your hard work, and sorry about your weekend.
-
- Established Member
- Posts: 19
- Joined: Sun Jun 12, 2016 5:55 pm
Re: linuxaudio.org compromised - 2018-01-29
Aaahh, so that's why LMP is down! (One of my all time favorite sites). Just recently told a friend who is new to Linux about it, figures
Anyway, very sorry to hear about this incident. And thank you very much for all of your hard work! I will stay tuned and check in now and then.
Anyway, very sorry to hear about this incident. And thank you very much for all of your hard work! I will stay tuned and check in now and then.
Re: linuxaudio.org compromised - 2018-01-29
Many thanks for your works and best regards
gennaro
gennaro
Hp Elite 8200 3,1 Ghz - 16 Giga Ram Hd 2 Terabyte - Mx Linux 19.4-Ardour 6.8 - Mixbus 7
Asus X54c - Mx Linux 19.4-Ardour 6.8- Mixbus 7-RPI3 + Raspbian Buster- Rpi4 (4giga ram)
Asus X54c - Mx Linux 19.4-Ardour 6.8- Mixbus 7-RPI3 + Raspbian Buster- Rpi4 (4giga ram)
- SLCBagpiper
- Established Member
- Posts: 13
- Joined: Mon Jul 13, 2015 3:07 am
- Location: Salt Lake City, UT
- Contact:
Re: linuxaudio.org compromised - 2018-01-29
Thanks for all of your hard work.
"If it's stupid, but it works, then it's not stupid."
---Art. III, Murphy's Military Law
---Art. III, Murphy's Military Law
- GraysonPeddie
- Established Member
- Posts: 659
- Joined: Sun Feb 12, 2012 11:12 pm
- Location: Altha, FL
- Been thanked: 6 times
- Contact:
Re: linuxaudio.org compromised - 2018-01-29
I am CompTIA A+ certified, but not Linux+ certified despite having lots of experience with Linux at home. It would be nice if I could be of help, but I'm from Florida. I took the exams at World Services for the Blind and got a 795 for CompTIA A+ 220-901 and 803 for A+ 220-902.
Anyway, I hope all the Linux Musician-related websites will be up and fully operational soon.
Anyway, I hope all the Linux Musician-related websites will be up and fully operational soon.
--Grayson Peddie
Music Interest: New Age w/ a mix of modern smooth jazz, light techno/trance & downtempo -- something Epcot Future World/Tomorrowland-flavored.
Music Interest: New Age w/ a mix of modern smooth jazz, light techno/trance & downtempo -- something Epcot Future World/Tomorrowland-flavored.
-
- Established Member
- Posts: 36
- Joined: Sat Nov 19, 2016 4:45 am
- Has thanked: 2 times
- Been thanked: 2 times
Re: linuxaudio.org compromised - 2018-01-29
It's great to finally find out what's happened and I really feel for the admins that have to clear up this mess.
I'd also like to thank all people involved in the linuxaudio.org network as I have benefited greatly from their efforts.
I would also like to offer any help or support should there be anything an unknown like myself can do. Maybe donate to help get something like a backup server running?
I have been wondering why there's nothing on the website now it's back up or on the LinuxAudio twitter feed about this? ( https://twitter.com/linuxaudio )
Thanks again and good luck with getting this fixed as painlessly as possible.
I'd also like to thank all people involved in the linuxaudio.org network as I have benefited greatly from their efforts.
I would also like to offer any help or support should there be anything an unknown like myself can do. Maybe donate to help get something like a backup server running?
I have been wondering why there's nothing on the website now it's back up or on the LinuxAudio twitter feed about this? ( https://twitter.com/linuxaudio )
Thanks again and good luck with getting this fixed as painlessly as possible.