Red Hat gets hacked

Submit

Red Hat warned on Friday that a network attack compromised some servers last week that are involved with both its commercially supported and free versions of Linux.

The breaches involved Red Hat Linux Enterprise servers and those from its community-supported Fedora project that it sponsors.

Red Hat said in a security advisory that it is confident the intrusion did not compromise the Red Hat Network, which is the chief mechanism used to distribute changes to its Red Hat Enterprise Linux product, or updates sent over the network. Therefore customers are not at risk, the company said.

The open source vendor also released a script designed to detect potentially compromised OpenSSH (OpenBSD's Secure Shell protocol implementation) packages.

"We are issuing this alert primarily for those who may obtain Red Hat binary packages via channels other than those of official Red Hat subscribers," the advisory said.

The intruder was able to sign a "small number" of OpenSSH packages relating to Red Hat Enterprise Linux versions 4 and 5, so Red Hat is releasing an updated version of those packages. The company has published a list of the tampered packages and instructions for how to detect them.

A Fedora project leader issued an alert to a Fedora e-mail list that some Fedora servers were taken offline after they were found to have been illegally accessed last week.

"One of the compromised Fedora servers was a system used for signing Fedora packages. However, based on our efforts, we have high confidence that the intruder was not able to capture the passphrase used to secure the Fedora package signing key," the alert said.

Despite the fact that there is no evidence that the Fedora key has been compromised, Fedora is converting to new Fedora signing keys because Fedora packages are distributed via multiple third-party mirrors and repositories.

Talkback

ZDNet Australia Live

Research key to good apps: Westpac CIO http://t.co/KFfxHxDO

0 minute ago by Cloud9Truths on twitter, retweet

Research key to good apps: Westpac CIO: Westpac announced yesterday that it has over a million users actively si... http://t.co/QAGGwpWu

5 minutes ago by NewsinIT on twitter, retweet

Research key to good apps: Westpac CIO - ZDNet Australia: Research key to good apps: Westpac CIOZDNet AustraliaW... http://t.co/JJ9mYDXF

5 minutes ago by Netchannel2 on twitter, retweet

RT @zdnetaustralia: SuccessFactors launches Sydney datacentre to host BizX suite for local customers http://t.co/xKvbJnNj ^ST

5 minutes ago by jonabonne on twitter, retweet

RT @zdnetaustralia: SAP buys Ariba http://t.co/cQy8nVWp ^ST

15 minutes ago by jonabonne on twitter, retweet

SuccessFactors launches Sydney datacentre - Hardware - News - ZDNet Australia | @scoopit http://t.co/B7cK54tF

15 minutes ago by PuneetSingh77 on twitter, retweet

Research key to good apps: Westpac CIO: Westpac announced yesterday that it has over a million users actively si... http://t.co/0b9GEFrY

15 minutes ago by oztechguy on twitter, retweet

SuccessFactors launches Sydney datacentre to host BizX suite for local customers http://t.co/xKvbJnNj ^ST

20 minutes ago by zdnetaustralia on twitter, retweet

SuccessFactors launches #Sydney datacentre - @ZDNet Australia : http://t.co/qyzZ4zZN

25 minutes ago by SydneyNews on twitter, retweet

@Wow - thats one of the benefits of the iPad (and tablets in general). They are one of the most generation neutral products ever made. ...

29 minutes ago by Gav on Westpac board goes paperless with iPads

by http://t.co/vmlLt4bh: Kaspersky's antivirus denied on iOS: Kaspersky Lab is the latest company to be denied th... http://t.co/GpQkVZ2C

30 minutes ago by InternetTechSec on twitter, retweet

A farewell to democracy: Kaspersky http://t.co/VAIQbbXY

30 minutes ago by ALLsecuritySoft on twitter, retweet

@mikey_halapir http://t.co/VOegcFoc FOUND IT.

30 minutes ago by f0r3v3ryoung_ on twitter, retweet

Android's biggest security flaws http://t.co/00YQDw9T

35 minutes ago by ALLsecuritySoft on twitter, retweet

SuccessFactors launches Sydney datacentre http://t.co/wdofhAGS

35 minutes ago by ForshawFlip on twitter, retweet

#DataCentre SuccessFactors launches Sydney datacentre - ZDNet Australia: SuccessFactors launches Sydney datacent... http://t.co/ajyQKEPL

35 minutes ago by AITPartnership on twitter, retweet

SuccessFactors launches Sydney datacentre - ZDNet Australia: SuccessFactors launches Sydney datacentreZDNet Aust... http://t.co/VpHzoKJc

35 minutes ago by SydneyConnectme on twitter, retweet

Kaspersky is now yet another company that Apple won't let make an official AV app for iOS. http://t.co/E0CsunQ1

35 minutes ago by mukimu on twitter, retweet

and why is this such a super idea? http://www.itnews.com.au/News/301778,thousands-affected-in-billing-cloud-breach.aspx oh, yeah, right...

46 minutes ago by btone on Fed Govt steps up on shared cloud plan

SAP eyes cloud super network with Ariba buy: By Rachel King, ZDNet US on May 23rd, 2012 (5 mins ago) SAP America... http://t.co/gHVI2Q1x

50 minutes ago by LocalMobile911 on twitter, retweet

BYOD too immature for us: Human Services http://t.co/d5bL19GZ via @zdnetaustralia

50 minutes ago by Nigel_Max_Smith on twitter, retweet

Kaspersky's antivirus denied on iOS: Kaspersky Lab is the latest company to be denied the chance to develop an o... http://t.co/ik2mlpZR

1 hour ago by NewsinIT on twitter, retweet

Dell profits plunge in spending lull - Hardware - News - ZDNet Australia | @scoopit http://t.co/iqiQnzox

1 hour ago by PuneetSingh77 on twitter, retweet

Automation key for time-poor security boffins http://t.co/qyCXzOwl via @zdnetaustralia

1 hour ago by ClaraM_Andres on twitter, retweet

Dell is suffering falling profits as companies hold off on their spending. http://t.co/iK5YBTSN ^ST

1 hour ago by zdnetaustralia on twitter, retweet

Kaspersky's antivirus denied on iOS: Kaspersky Lab is the latest company to be denied the chance to develop an o... http://t.co/0UnTxMKq

1 hour ago by oztechguy on twitter, retweet

Fed Gov unveils draft strategy for "community clouds" http://t.co/9vQcu2AG via @zdnetaustralia #cloud <- specialised availability zones

1 hour ago by BGJlive on twitter, retweet

Wow, seems like a fantastic initiative that helps to save the environment. It must have taken a lot of convincing to get the Board to mov...

1 hour ago by Wow on Westpac board goes paperless with iPads

What happens when you have 'too many cooks' while creating software: http://t.co/8ITO4zZs

1 hour ago by PriceyJohnDoe on twitter, retweet

SAP buys Ariba http://t.co/cQy8nVWp ^ST

1 hour ago by zdnetaustralia on twitter, retweet

Google closes Motorola Mobility deal - ZDNet Australia: http://t.co/njPFGeOB.auGoogle closes Motorola Mobility de... http://t.co/V6ygypla

1 hour ago by Netchannel2 on twitter, retweet

by http://t.co/vmlLt4bh: SAP eyes cloud super network with Ariba buy: SAP America is looking to develop "the busi... http://t.co/9OhJ6p9V

1 hour ago by InternetTechSec on twitter, retweet

SAP eyes cloud super network with Ariba buy http://t.co/7NL5eFce

1 hour ago by JamesVickery on twitter, retweet

BYOD too immature for us: Human Services http://t.co/s3x2cthG via @zdnetaustralia

1 hour ago by duaneherring on twitter, retweet

Google closes Motorola Mobility deal: Google has finally closed its acquisition of Motorola Mobility, installed ... http://t.co/U2G7DO7D

1 hour ago by oztechguy on twitter, retweet

The federal government has released guidelines for a community cloud to be shared by agencies http://t.co/57skHLug ^ST

1 hour ago by zdnetaustralia on twitter, retweet

Fed Govt steps up on shared cloud plan - Communications - News - ZDNet Australia | @scoopit http://t.co/s0x8e1hr

1 hour ago by PuneetSingh77 on twitter, retweet

Now that Google has closed its acquisition of Motorola Mobility, what's next on the company's to do list? http://t.co/5aWbp9qe ^ML

1 hour ago by zdnetaustralia on twitter, retweet

I'm a payed up lib member who has voted Labor in the last 2 federal elections. I had the previlege of speaking to Mr Turnball 3 months ag...

2 hours ago by spazmanaught on NBN contracts may be left alone: Turnbull

Good to see Westpac's concentrating on the real IT issues !

2 hours ago by jeff_syd on Westpac board goes paperless with iPads

I am not sure how this issue becomes an attack on Mr Turnbull. But I guess he is fair game. In any event I would have thought a Ddos woul...

12 hours ago by Doubt on National Botnet Network coming: Earthwave

I still use 98SE. Windows ME was an abortion in a bucket and Vista was ME without the bucket. My screen may look boring, but I jumped str...

12 hours ago by Treknology on Microsoft admits Vista was 'cheesy'

This story has been voted 10 times in the last 24 hours!

13 hours ago, CeBIT 2012 opens: photos

This story has been voted 15 times in the last 24 hours!

13 hours ago, Lenovo ThinkPad 3G tablet (32GB)

Well I don't know what they have done with their EFTPOS machines, local one in WA Coles Express I used this morning and I normally do "ch...

13 hours ago by harryinthesoup on Coles ditches PINs in payment pilot

6.7 M last ditch attempt - interesting - The Auckland region (population 1.4 mil) has estimated to have spent less than this in total ...

16 hours ago by debsteele on Vic scraps HealthSMART system

Interesting - no mention of Win 98/ME/2000 ... which heralded Internet access for millions of users ? I thought Win 98/ME would be the mo...

18 hours ago by gouranga on Microsoft admits Vista was 'cheesy'

An Application like Good from Good Technologies does the same thing, working with the enterprise email server and is off the shelf.

18 hours ago by Helpdesk123 on Westpac board goes paperless with iPads

Never mind a "B+" version, go for "C" and put in a few extras. I'd like a high speed ADC (100Msps) but that's just me... Final size? Equ...

19 hours ago by sa_penguin on Raspberry Pi architect mulls design change

what a non-story. these thing happen all the time. is zdnet short on material?

19 hours ago by paulwrussell on Spotify launch suffers redirect bungle

4 months old phone died. Took 6 weeks, three visits to the authorised repairer (Fonebiz) to "fix it". 2nd hand untested parts used, I say...

19 hours ago by paracin on Sony Ericsson Xperia Arc S

It's easy to rubbish an old operating system long after the rest of the world has already passed judgement upon it. I would be far more i...

20 hours ago by ramnet on Microsoft admits Vista was 'cheesy'

If Vista is cheesy, Metro is an over-ripe Stilton.

21 hours ago by meski on Microsoft admits Vista was 'cheesy'

you are kidding right - what qualification do you have to make such wildy stupid statements - do you really have customers who pay you fo...

21 hours ago by rant rant rant on National Botnet Network coming: Earthwave

Exactly. There are two topics of discussion, that are co-mingled; 1) Unauthorized software was put on the company device, by an IT person...

1 day ago by lamont on ABC's Bitcoin miner tackled in minutes

First off, Bitcoin is not a virus. Second off, the only way to generate Bitcoins, is by using a Bitcoin miner. More information on this h...

1 day ago by rizowski on ABC's Bitcoin miner tackled in minutes

When an operating system is sold it should not launch until an approved security service is purchased online with a list of approved supp...

1 day ago by Kevin Cobley on National Botnet Network coming: Earthwave

Keep up with ZDNet Australia

Inside ZDNet Australia

ZDNet / Security / Story

Red Hat gets hacked

Topics

Top related stories

Related gallery

Related stories

Talkback

Tech Blueprint

ZDNet Australia Live

Facebook Activity

Keep up with ZDNet Australia

ZDNet Events Calendar

Plan Comparison

Sponsored resources

Inside ZDNet Australia

Services