Advertisement
Promo

Security threats Toolkit

Mystery attackers strike Linux supercomputers

Published: 14 Apr 2004 09:05 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Unknown attackers have compromised a large number of Linux and Solaris machines in high-speed computing networks at Stanford University and other academic research facilities, according to a university advisory.

The attacks, which apparently compromised servers as recently as 3 April, are currently being investigated, according to an advisory posted on 6 April by the Information Technology Systems and Services group at Stanford.

"Stanford, along with a large number of research institutions and high-performance computing centres, has become a target for some sophisticated Linux and Solaris attacks," the ITSS said in its Web advisory. "The attacker appears to be deliberately targeting machines in academic and high-performance computing environments, rather than attacking systems indiscriminately."

Members of Stanford's security team declined to comment, and the university's chief information security officer could not immediately be reached.

It is unclear when the attacks first occurred, with an example of a compromised computer included in the advisory that occurred on 3 April. The unknown attackers use common password-cracking tools to gain access to any account on a server and then gain further access by using security flaws in the software.

"The perpetrators regularly gain access to an unprivileged local user account, presumably by sniffing passwords, cracking passwords from other compromised systems, or by triggering vulnerabilities in remotely accessible services," the Stanford advisory states.

Such local vulnerabilities, as they are called, have led to several compromises on the servers used to host Linux development and distribution in recent months.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
45 out of 113 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:



Related Jobs

Linux Systems Engineer (Scientific Research / Academia) Research

High Performance Computing Research Engineer - Oxford - Linux

Linux Systems Administrator - Permanent -Linux / Solaris 30-40K. Bristol

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters