http://news.slashdot.org/story/11/01/25/1723259/Fedora-Infrastructure-Compromised
Cheers
Al
On Wed, Jan 26, 2011 at 11:34 AM, Kevin Fenzi <kevin@xxxxxxxxx> wrote:
On Tue, 25 Jan 2011 17:10:20 -0500I see no evidence of tampering on those machines.
Ricky Zhou <ricky@xxxxxxxxxxxxxxxxx> wrote:
> > Additionally it would be nice to investigate whether the account was
> > used to access the test machine resources for package maintainers:
> > https://fedoraproject.org/wiki/Test_Machine_Resources_For_Package_Maintainers
> Good point. We don't run those machines, and all packagers have sudo
> there , so Fedora packagers should consider it unsafe to forward their
> SSH agent or enter any sensitive information on those machines. We'll
> get in touch with Kevin about checking those machines though.
I checked the logs of the firewall in front of them (that logs all ssh
connections to them) against the lastlogs on each. There's no 'missing'
ssh connections or connections from this account.
Thanks for asking. ;)
kevin
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel