I tried to find out what the Ohio server was running when it got broken
into. This was as close as I got (from an article on the incident I
found in Google):
Quote:
-----------
The compromised server was supposed to have been decommissioned more
than a year ago, and IT officials assumed the system had been taken
off-line, Sams said. As a result, it had not received any security
updates and patches for more than a year. He did not disclose how the
server was breached or what operating system was running on it.
----------
End quote
So they won't say what it was running, but it was some OS in which a
critical security flaw appeared within a year's time and was exploited.
Could have happened to Linux, but whatcha wanna bet it was Windows?
(They said they discovered the problem when they found out the server
was being used for DOS attacks. Then they looked at the logs (duh!)
and saw the problem. They have now sacked the IT guy in charge.)
I fixed up a colleague of mine with a mail server four years ago, using
Red Hat. I told him after a while that I wouldn't be able to keep up
with the security updates, and he should get someone else to handle it
for him, and that if he didn't, the spammers might take it over and use
it as an open relay. Then the University IT people would get angry at
him and take him off line and maybe not let him run a mail server
again. But he's lazy, and has just left it as is. It's four years now
with no security upgrade, and no problems yet. (He's using sendmail.)
Maybe the spammers don't need Linux mail servers any more, now that
they have so many Windows zombies.