
pubsvn.ez.no hacked?


Eirik Alfstad Johansen

Monday 28 February 2005 12:42:35 am

It seems like pubsvn.ez.no has been hacked. When I visited it a minute ago, it said:

<removed>

Googling for this name returned lists of attack reports.

Sincerely,

Eirik Alfstad Johansen
http://www.netmaking.no/

Paul Forsyth

Monday 28 February 2005 12:54:44 am

Yip, looks that way :( I've mailed paul b in case he hasn't seen it yet.

paul

Paul Borgermans

Monday 28 February 2005 1:54:16 am

Tx, I was in fact starting on a day off, got an SMS from Tony...

pubsvn.ez.no and its alias will be down for a while.

Sorry guys

-paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans

K259

Monday 28 February 2005 2:59:54 am

ok

Paul Borgermans

Monday 28 February 2005 5:24:37 am

I guess I should warn you all here, though the hacker did not cause harm except the defacement (from a Windows NT5.1 IE6 client).

The exploit used was a bug in awstats. So if you have this installed, better upgrade to the latest version (6.3)

http://awstats.sourceforge.net/

or disable external access

I hope to have the server back in the air by this evening with a brand new install of SuSE 9.2 and all security related patches.

Sorry for the inconvenience

-paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans
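
An added example, not part of the original thread: after restricting awstats to trusted clients as advised above, a web server access log can be reviewed for requests that reached the CGI from outside. The trusted networks, the Apache combined log format and the sample lines are assumptions; the metacharacter check is a generic heuristic, not a signature of the specific awstats bug, which the thread does not describe.

```python
import ipaddress
import re
from urllib.parse import urlsplit, unquote_plus

# Assumption: networks allowed to reach the statistics CGI; adjust per site.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]
# Apache combined log format: client, ident, user, [time], "request", status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# Generic heuristic: shell metacharacters have no place in a stats query.
SUSPICIOUS = re.compile(r"[|;`$<>]")

def is_trusted(client):
    """True only if the logged client is an address inside TRUSTED_NETS."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False  # hostname or garbage in the log: treat as external
    return any(addr in net for net in TRUSTED_NETS)

def audit_awstats(lines, script="awstats.pl"):
    """List requests to the awstats CGI that came from untrusted clients."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, when, _method, target, status = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/" + script) or is_trusted(client):
            continue
        findings.append({
            "client": client,
            "time": when,
            "status": int(status),
            "suspicious_query": bool(SUSPICIOUS.search(unquote_plus(url.query))),
        })
    return findings

# Constructed sample lines (documentation addresses), not from the real server.
SAMPLE_LOG = [
    '203.0.113.7 - - [28/Feb/2005:00:10:01 +0100] "GET /cgi-bin/awstats.pl?config=example&x=a%7Cb HTTP/1.0" 200 512 "-" "-"',
    '198.51.100.9 - - [28/Feb/2005:00:11:30 +0100] "GET /cgi-bin/awstats.pl?config=example HTTP/1.1" 200 9000 "-" "-"',
    '10.0.0.5 - - [28/Feb/2005:00:12:00 +0100] "GET /cgi-bin/awstats.pl?config=example HTTP/1.1" 200 9000 "-" "-"',
    '203.0.113.7 - - [28/Feb/2005:00:12:40 +0100] "GET /index.html HTTP/1.0" 200 1200 "-" "-"',
]

if __name__ == "__main__":
    for finding in audit_awstats(SAMPLE_LOG):
        print(finding)
```

Any finding at all means the CGI is still reachable from outside the trusted networks; a finding with `suspicious_query` set deserves a closer look at that client's other requests.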

Tony Wood

Monday 28 February 2005 5:53:30 am

Thanks for looking at the issue Paul. Sorry for SMS'ing you on your day off :(

I know you provide pubsvn free of charge and we all thank you for it and for the quick action on the issue this morning.

One suggestion; can we remove the hacker name so they do not get any more publicity.

Tony

Tony Wood : twitter.com/tonywood
Vision with Technology
Experts in eZ Publish consulting & development

Power to the Editor!

Free eZ Training : http://www.VisionWT.com/training
eZ Future Podcast : http://www.VisionWT.com/eZ-Future

Eirik Alfstad Johansen

Monday 28 February 2005 6:09:06 am

> One suggestion; can we remove the hacker name so they do not get any more publicity.

Yes, please do.

Sincerely,

Eirik Alfstad Johansen
http://www.netmaking.no/

Paul Borgermans

Tuesday 01 March 2005 8:14:44 am

Hello

Server is up again running on a fresh copy of SuSE9.2, but currently listens only to http://ezpsvn.sckcen.be until the DNS entries are updated.

Updates of the main repository will be enabled from tomorrow, the community repository is fully functional.

Sorry for the downtime :-(

-paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans

Tony Wood

Tuesday 01 March 2005 8:39:50 am

Thanks Paul :)

Tony Wood : twitter.com/tonywood
Vision with Technology
Experts in eZ Publish consulting & development

Power to the Editor!

Free eZ Training : http://www.VisionWT.com/training
eZ Future Podcast : http://www.VisionWT.com/eZ-Future

Björn Dieding@xrow.de

Tuesday 01 March 2005 10:23:02 am

Thx Paul,

you are great... I got some new stuff to commit

Looking for a new job? http://www.xrow.com/xrow-GmbH/Jobs
Looking for hosting? http://hostingezpublish.com
-----------------------------------------------------------------------------
GMT +01:00 Hannover, Germany
Web: http://www.xrow.com/

Paul Borgermans

Wednesday 02 March 2005 4:20:18 am

Hello,

pubsvn.ez.no now points again to the right server (thanks Bård and Sten), so all links should work again.

Since it now runs with a different apache config (mpm-worker), please report any issues here or email to pborgerm at sckcen dot be

Also, I'm interested in the performance of the livecd downloads:

http://pubsvn.ez.no/livecd/

Tx

-paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans

Tony Wood

Wednesday 02 March 2005 4:39:44 am

Hi Paul,

I got ~100KB/Sec download and downloaded in just over an hour and a quarter so no complaints.

Tony

Tony Wood : twitter.com/tonywood
Vision with Technology
Experts in eZ Publish consulting & development

Power to the Editor!

Free eZ Training : http://www.VisionWT.com/training
eZ Future Podcast : http://www.VisionWT.com/eZ-Future

Gabriel Ambuehl

Wednesday 02 March 2005 5:17:47 am

I downloaded the first 10MB (I don't actually need the CD ;-), pushed a solid 240KB/s my way which is pretty much maxing out the 2mbit here. ETA was a little over 35min.

Visit http://triligon.org

Hapee de Groot

Wednesday 02 March 2005 5:41:28 am

I am downloading now around 345KB/s which is fair enough, estimated time around 20 minutes.

Cheers,

Hapee

Eirik Alfstad Johansen

Wednesday 02 March 2005 7:26:43 am

Hi Paul B,

In case you're not aware, WebSVN produces some PHP error msgs similar to:

Warning: gzopen(./cache/_srv_svn_community_log_522): failed to open stream: Permission denied in /srv/websvn/include/svnlook.inc on line 156

Sincerely,

Eirik Alfstad Johansen
http://www.netmaking.no/

Paul Borgermans

Wednesday 02 March 2005 8:29:29 am

Thanks Eirik,

the websvn interface should be OK now, but the viewcvs interface not yet ... I'm working on it right now

---edit

viewcvs is also ok now as far as I tested

------

-paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans

Hans Melis

Wednesday 02 March 2005 9:48:37 am

I've just downloaded the newest livecd. Download stats:

size: 498124800 bytes
time: 11m57s
speed: 678.14 KB/s

I'm not complaining :-)

Hans
http://blog.hansmelis.be

Paul Forsyth

Wednesday 02 March 2005 10:11:58 am

The last time I had bandwidth like that I was at university!

Would a torrent of the iso be of use to people? I would use a torrent.

paul

Gabriel Ambuehl

Wednesday 02 March 2005 10:16:54 am

Torrents are always nice. But if ez doesn't care for the traffic (some people got 100mbit flat and the like) it doesn't seem so badly needed ;-).

Visit http://triligon.org

Paul Forsyth

Wednesday 02 March 2005 2:09:35 pm

Np, I thought the good old days of free bandwidth were gone. But you know what they say, if you've got it flaunt it!

paul
