[Sysadmin] changed list admin passwords
Dean Mah
dean.mah at gmail.com
Mon Apr 9 14:11:48 CDT 2007
It might be a good idea to freeze a copy of the configuration file so
that we can revert to a pristine copy in case of accidental or
intentional changes. Probably grabbing a copy of the config.pck for
each list would do it.
Dean
On 4/9/07, David Kaufman <david at gigawatt.com> wrote:
> The changes to thelist configuration options appear to me to be mild
> vandalism.
>
> I've attached a screenshot of the changes. Most text options were
> modified only slightly, with a random letter added or inserted. Most
> Yes/No options were reversed. The "attacker" appeared to be idly
> testing to see *if* they could make changes, rather than trying to
> maliciously hijack the list. The list admin password, for instance, was
> not changed.
>
> That would have been bad.
>
> Since the admin passwords for all of our lists were not exactly
> "cryptographically secure" and were, in fact, not impossible to guess...
> I've changed them all. Even though only theList was compromised, knowing
> its password significantly increased the attacker's ability to determine
> the passwords of the others :-)
>
> If you have root on tempest, please
>
> sudo cat ~dkaufman/lists/list-admin-pwd.txt # readable only by root!
>
> to get the new Administrator passwords for all lists.
>
> -dave
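
One way to do the per-list config.pck freeze suggested at the top of this message, as an added example that is not part of the original thread. The `<list>/config.pck` directory layout, both directory arguments and the function names are assumptions, and `sha256sum` from GNU coreutils is assumed to be installed:

```shell
#!/bin/sh
# Added example: freeze each list's config.pck and detect later changes.
# Assumed layout: LISTS_DIR/<list>/config.pck (not stated in the thread).

# snapshot_configs LISTS_DIR BASELINE_DIR
# Copies every <list>/config.pck into BASELINE_DIR/<list>/ and writes a
# SHA-256 manifest. Keep BASELINE_DIR somewhere the list software and the
# list admins cannot write to.
snapshot_configs() {
    lists_dir=$1; baseline_dir=$2
    mkdir -p "$baseline_dir" || return 1
    chmod 700 "$baseline_dir"
    : > "$baseline_dir/MANIFEST.sha256"
    for pck in "$lists_dir"/*/config.pck; do
        [ -f "$pck" ] || continue
        list=$(basename "$(dirname "$pck")")
        mkdir -p "$baseline_dir/$list"
        cp -p "$pck" "$baseline_dir/$list/config.pck" || return 1
        (cd "$lists_dir" && sha256sum "$list/config.pck") \
            >> "$baseline_dir/MANIFEST.sha256"
    done
}

# check_configs LISTS_DIR BASELINE_DIR
# Prints the name of every list whose live config.pck is missing or no
# longer matches the manifest. Returns 1 if any list is printed, else 0.
check_configs() {
    lists_dir=$1; baseline_dir=$2; changed=0
    while read -r sum path; do
        live=$(cd "$lists_dir" && sha256sum "$path" 2>/dev/null | cut -d' ' -f1)
        if [ "$live" != "$sum" ]; then
            echo "${path%/config.pck}"
            changed=1
        fi
    done < "$baseline_dir/MANIFEST.sha256"
    return $changed
}
```

A mismatch only says the file changed, so re-run `snapshot_configs` after each approved configuration change; reverting a list is a copy of `BASELINE_DIR/<list>/config.pck` back into place.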