[Sysadmin] changed list admin passwords
David Kaufman
david at gigawatt.com
Mon Apr 9 13:54:04 CDT 2007
The changes to thelist configuration options appear to me to be mild
vandalism.
I've attached a screenshot of the changes. Most text options were
modified only slightly, with a random letter added or inserted. Most
Yes/No options were reversed. The "attacker" appeared to be idly
testing to see *if* they could make changes, rather than trying to
maliciously hijack the list. The list admin password, for instance, was
not changed.
That would have been bad.
Since the admin passwords for all of our lists were not exactly
"cryptographically secure" and were in fact, not impossible to guess...
I've change them all. Even though only theList was compromised, knowing
its password significantly increased the attackers ability to determine
the passwords of the others :-)
If you have root on tempest, please
sudo cat ~dkaufman/lists/list-admin-pwd.txt # readable only by root!
to get the new Administrator passwords for all lists.
-dave
More information about the Sysadmin
mailing list