Please find the below message posted to the nslu2-linux group.
background behind the attacks on the www.nslu2-linux.org wiki and
Due to recent defacement attacks on http://www.nslu2-linux.org,
have been forced to password protect the http://www.nslu2-
linux.org/wiki/Info/HomePage, and http://www.nslu2-
linux.org/wiki/HowTo/HomePage pages. All other pages will remain
open at this time, and we encourage NSLU2 community members to
continue to contribute useful content to those pages. If you need a
link added to a password protected page, then simply announce the
new page in this mailing list and ask for it to be added. We have
also turned on IP address tracking on the AllRecentChanges page, so
we can all be vigilant for future attacks.
NSLU2 community members should also be aware that the http://nslu2-
community.com forum site recently set up by "deceivermatt@...
has potentially been compromised and may well be harvesting the
passwords of people who sign up at that site. In particular, our
wiki logs show that the recent defacement of the wiki site
by "anoymouse" (sic) originated from the same IP address as the IRC
nicks "NightRider" and "MattD", and from the same ISP subnet as the
IRC nick "StealthMa"
In addition to this, we have detected a case of impersonation of
another user on the wiki (an intruder from a c-vbergg.xdsl-
line.inode.at address impersonated LexDelani in a wiki edit). So
beware of wolves in sheep's clothing.
We would advise you to stay away from the nslu2-community.com site,
and to wary of the "deceivermatt" Yahoo account. We will give MattD
the benefit of the doubt (assuming that his account has been
compromised without his knowledge, and hoping that he has good
intentions and can regain control of his account), and we will not
go to the extent of banning that account at this time. The best way
to deal with these things is to prevent future damage, and ignore
As always, you should be very careful trusting new things on the
Internet, and you should be extra careful when providing passwords
to seemingly trusted sites. Anyone can register a domain name, set
up a forum site with seemingly useful groups, and use it to "fish"