Loading ...
Sorry, an error occurred while loading the content.

Important message regarding recent attacks on www.nslu2-linux.org

Expand Messages
  • rwhitby
    [See http://groups.yahoo.com/group/nslu2-linux/message/3057 for the background behind the attacks on the www.nslu2-linux.org wiki and IRC channel.] Due to
    Message 1 of 2 , Jan 4, 2005
    • 0 Attachment
      [See http://groups.yahoo.com/group/nslu2-linux/message/3057 for the
      background behind the attacks on the www.nslu2-linux.org wiki and IRC
      channel.]

      Due to recent defacement attacks on http://www.nslu2-linux.org, we
      have been forced to password protect the http://www.nslu2-
      linux.org/wiki/Main/HomePage, http://www.nslu2-
      linux.org/wiki/Info/HomePage, and http://www.nslu2-
      linux.org/wiki/HowTo/HomePage pages. All other pages will remain
      open at this time, and we encourage NSLU2 community members to
      continue to contribute useful content to those pages. If you need a
      link added to a password protected page, then simply announce the new
      page in this mailing list and ask for it to be added. We have also
      turned on IP address tracking on the AllRecentChanges page, so we can
      all be vigilant for future attacks.

      NSLU2 community members should also be aware that the http://nslu2-
      community.com forum site recently set up by "deceivermatt@..."
      has potentially been compromised and may well be harvesting the
      passwords of people who sign up at that site. In particular, our
      wiki logs show that the recent defacement of the wiki site
      by "anoymouse" (sic) originated from the same IP address as the IRC
      nicks "NightRider" and "MattD", and from the same ISP subnet as the
      IRC nick "StealthMa"

      In addition to this, we have detected a case of impersonation of
      another user on the wiki (an intruder from a c-vbergg.xdsl-
      line.inode.at address impersonated LexDelani in a wiki edit). So
      beware of wolves in sheep's clothing.

      We would advise you to stay away from the nslu2-community.com site,
      and to wary of the "deceivermatt" Yahoo account. We will give MattD
      the benefit of the doubt (assuming that his account has been
      compromised without his knowledge, and hoping that he has good
      intentions and can regain control of his account), and we will not go
      to the extent of banning that account at this time. The best way to
      deal with these things is to prevent future damage, and ignore the
      intruders.

      As always, you should be very careful trusting new things on the
      Internet, and you should be extra careful when providing passwords to
      seemingly trusted sites. Anyone can register a domain name, set up a
      forum site with seemingly useful groups, and use it to "fish" for
      passwords.

      -- Rod
    • David
      Please find the below message posted to the nslu2-linux group. ... [See http://groups.yahoo.com/group/nslu2-linux/message/3057 for the background behind the
      Message 2 of 2 , Jan 4, 2005
      • 0 Attachment
        Please find the below message posted to the nslu2-linux group.
        -------------
        [See http://groups.yahoo.com/group/nslu2-linux/message/3057 for the
        background behind the attacks on the www.nslu2-linux.org wiki and
        IRC channel.]

        Due to recent defacement attacks on http://www.nslu2-linux.org, we
        have been forced to password protect the http://www.nslu2-
        linux.org/wiki/Main/HomePage, http://www.nslu2-
        linux.org/wiki/Info/HomePage, and http://www.nslu2-
        linux.org/wiki/HowTo/HomePage pages. All other pages will remain
        open at this time, and we encourage NSLU2 community members to
        continue to contribute useful content to those pages. If you need a
        link added to a password protected page, then simply announce the
        new page in this mailing list and ask for it to be added. We have
        also turned on IP address tracking on the AllRecentChanges page, so
        we can all be vigilant for future attacks.

        NSLU2 community members should also be aware that the http://nslu2-
        community.com forum site recently set up by "deceivermatt@..."
        has potentially been compromised and may well be harvesting the
        passwords of people who sign up at that site. In particular, our
        wiki logs show that the recent defacement of the wiki site
        by "anoymouse" (sic) originated from the same IP address as the IRC
        nicks "NightRider" and "MattD", and from the same ISP subnet as the
        IRC nick "StealthMa"

        In addition to this, we have detected a case of impersonation of
        another user on the wiki (an intruder from a c-vbergg.xdsl-
        line.inode.at address impersonated LexDelani in a wiki edit). So
        beware of wolves in sheep's clothing.

        We would advise you to stay away from the nslu2-community.com site,
        and to wary of the "deceivermatt" Yahoo account. We will give MattD
        the benefit of the doubt (assuming that his account has been
        compromised without his knowledge, and hoping that he has good
        intentions and can regain control of his account), and we will not
        go to the extent of banning that account at this time. The best way
        to deal with these things is to prevent future damage, and ignore
        the intruders.

        As always, you should be very careful trusting new things on the
        Internet, and you should be extra careful when providing passwords
        to seemingly trusted sites. Anyone can register a domain name, set
        up a forum site with seemingly useful groups, and use it to "fish"
        for passwords.

        -- Rod
      Your message has been successfully submitted and would be delivered to recipients shortly.