[linux-audio-announce] Main AGNULA host back online after attack

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: <announce@...>
Date: Thursday, April 28, 2005 - 1:26 pm

+-----------------------------------------------------------------+
| ______ ______ _ _ _ |
| /\ / _____) ___ \| | | | | /\ |
| / \ | / ___| | | | | | | | / \ |
| / /\ \| | (___) | | | | | | | / /\ \ |
| | |__| | \____/| | | | |___| | |_____| |__| | |
| |______|\_____/|_| |_|\______|_______)______| |
| |
+-----------------------------------------------------------------+

[Sorry for cross-posting. Feel free to forward around]

Florence, 28 April 2005

+++ Main AGNULA host back online after attack

After the attack (and potential compromise) that the AGNULA main host
(agnula.speech.kth.se) suffered from in the past days [0], we are
happy to announce that we concluded the reinstallation process. All
the services provided by the host have been restored and are, to the
best of our knowledge, fully functional.

+++

After the attack (and potential compromise) that the AGNULA main host
(agnula.speech.kth.se) suffered from in the past days [0], we are
happy to announce that we concluded the reinstallation process. All
the services provided by the host have been restored and are, to the
best of our knowledge, fully functional.

On Sunday, April 16 2005, the main AGNULA host (agnula.speech.kth.se,
hosting lists.agnula.org, www.agnula.org, download.agnula.org,
devel.agnula.org, muzik.agnula.org and related services) was subject
to an attack (see below). The attacker(s) (whose identity is unknown
as of today) managed to download, *but not succesfully run*, a
backdoor on the system; thanks to the tight security measures
implemented on the host - and after a thorough check of the whole
system - we had reasons to believe that the latter was *not*
compromised.

However, following good security practices and common sense, we could
not guarantee the integrity of the host. Since we had already planned
an extensive upgrade of the server, we decided to go down the safer
route: completely wipe out the system, reinstall everything from
scratch and recover backup data from the day before the attempted
compromise.

The reinstallation process has now come to an end. All the services
should be back online as you read this e-mail (actually, they started
to come back before this announcement, but we preferred to do some
checks in advance).

Please feel free to contact , should you notice any
problem.

+++

About AGNULA: Agnula (acronym for A GNU/Linux Audio distribution,
pronounced with a strong g) is the name of a project funded until
April 2004 by the European Commission (number of contract:
IST-2001-34879; key action IV.3.3, Free Software: towards the critical
mass). After the end of the funded period, AGNULA is continuing its
work, aiming to spread Libre Software in the professional audio/video
arena.

Big thanks to the following institutions for their help in supporting
AGNULA:

- Firenze Tecnologia

for paying Free Ekanayaka to work full-time on maintaining A/DeMuDi;

- KTH Department of Speech, Music and Hearing

for housing and supporting the main AGNULA server

- IRCAM and CCRMA

for providing mirror space and bandwidth

- Red Hat France

for supporting the A/RehMuDi distribution

Best regards,

--
The AGNULA Team info@agnula.org
Our mailing lists: http://lists.agnula.org/
Our web site: http://www.agnula.org/
"There's no free expression without control on the tools you use"

[0] http://lists.agnula.org/pipermail/announce/2005-April/000089.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

This is the only confirmed message in this thread.