[Sysadmin] changed list admin passwords
David Kaufman
david at gigawatt.com
Mon Apr 9 14:00:52 CDT 2007
Okay, I guess attachments aren't allowed :-)
Here's the page, as vandalized:
http://www.gigawatt.com/dk/evolt/thelist-admin-GeneralOptions-2007-04-09.png
I've fixed most of the obvious settings. Am currently looking at the
unaffected lists to see what settings they use, for the more obscure
ones.
-dave
David Kaufman <david at gigawatt.com> wrote:
>> The changes to thelist configuration options appear to me to be mild
>> vandalism.
>>
>> I've attached a screenshot of the changes. Most text options were
>> modified only slightly, with a random letter added or inserted. Most
>> Yes/No options were reversed. The "attacker" appeared to be idly
>> testing to see *if* they could make changes, rather than trying to
>> maliciously hijack the list. The list admin password, for instance,
>> was not changed.
>>
>> That would have been bad.
>>
>> Since the admin passwords for all of our lists were not exactly
>> "cryptographically secure" and were, in fact, not impossible to
>> guess... I've changed them all. Even though only theList was
>> compromised, knowing its password significantly increased the
>> attacker's ability to determine the passwords of the others :-)
>>
>> If you have root on tempest, please
>>
>> sudo cat ~dkaufman/lists/list-admin-pwd.txt # readable only by root!
>>
>> to get the new Administrator passwords for all lists.
>>
>> -dave
>>
>> ----------------------------------------
>> so, are we gonna get this vote on for
>> the EvoltSysadmin mascot or what?