On Tue, 19 Sep 1995 08:55:01 -0500 (EST) Jim Collins wrote:
>No one has yet mentioned exactly how this was done. Could someone
>please elaborate? I have seen no CERN security posts about this.
Ok, it has been about a week since I posted my original issue of the
hacked home page. I have received many (MANY!) requests and
suggestions (on how to fix it). Here is an update --
Many people suggested that the pages be read only (many is an understatement)
however, perhaps I was not clear, when one gains root access to a Unix
based system, explain to me how making a file read only is going to
protect anything *grin*. The problem was found and fixed, and it won't
happen again. That was not the big issue.
The big issue was, how was it done. I have to say, since I am in an awkward
position here, I can't really give out details, at least not publicly. Many have
asked, but sometimes, it is best to leave well enough alone. I will say that
it was an older version of software which was the culprit, and I attempted to
circumvent the current release of the cern server and it did not have the
problem. I am sorry, but I am bound by the customer's contract (of course I
had to sign it).
My final comment, I don't think there is much to worry about right now, I hope,
BUT, my biggest point was this:
How many of you VERIFY your home page for exact content every day?!
(Be honest, because I really don't believe most of us do!! That would be
like saying you TEST your own car alarm each and every day. I don't think
this is the case.)
Just a point to ponder and hopefulloy change the way we run our shops.
Proactive = a safer network
reactive = cleaning up after the fire
See ya round the net...
** Remember -- Life is NOT a dress rehearsal!
(nor is it a small furry animal with funny feet and floppy ears...)