Today internetnews.com reported that a super computer research facility at Stamford University had been compromised. Funny though, the reported attacks used to compromise the system used a high level of “sophistication”, this included guessing local user account passwords (god, secret, password, student, love, welcome, design) followed by executing publicly available exploits for Linux based and Solaris systems. After the escalation to root, the reported attackers ran dictionary attacks on password files by using a 10 to 20 year old tool called John the Ripper. Once more accounts had been compromised the attackers sniffed and broke a weak implementation of Kerberos authentication cracking even more user accounts. According to the article, the attackers finished there attack by installing publicly available root kits. The attackers were discovered when they modified user accounts so that students and research staff could no longer login.
So here’s the question: These attacks are at least ten years old. What part of any of these attacks is particularly advanced to any Linux power user? If you can download and compile software apparently you too can crack into a super computer research facility. It’s a shame that better measures weren’t taken to secure the resources at this university. It’s even more of a shame that the IT security staff at this school didn’t all get fired because they obviously were incompetent in there job.
Comments (0)
Topsight.net
http://www.topsight.net/article.php/2004041514231810