From owner-freebsd-stable  Tue Nov 28 16:12:53 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177])
	by hub.freebsd.org (Postfix) with ESMTP
	id C538137B400; Tue, 28 Nov 2000 16:12:45 -0800 (PST)
Received: (from kris@localhost)
	by citusc17.usc.edu (8.11.1/8.11.1) id eAT0DPu89858;
	Tue, 28 Nov 2000 16:13:25 -0800 (PST)
	(envelope-from kris)
Date: Tue, 28 Nov 2000 16:13:24 -0800
From: Kris Kennaway <kris@FreeBSD.ORG>
To: Henk Wevers <wevers@cg.nu>
Cc: freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject: Re: FreeBSD hacked?
Message-ID: <20001128161324.A89746@citusc17.usc.edu>
References: <20001128181642.M27042@speedy.gsinet> <MPEPKFEAILKHINDACAIOIEOACAAA.wevers@cg.nu>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="BXVAT5kNtrzKuDFl"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <MPEPKFEAILKHINDACAIOIEOACAAA.wevers@cg.nu>; from wevers@cg.nu on Tue, Nov 28, 2000 at 10:28:33PM +0100
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 28, 2000 at 10:28:33PM +0100, Henk Wevers wrote:
>=20
>=20
>=20
> FreeBSD got a new Security Officer
>=20
> Nohican and {} would like to wish the new Security Officer (Kris) good lu=
ck
> on his new job. We are sure you will do a great job!
>=20
> Look at the bottom of http://freebsd.org.index.html

Yes, I can confirm this happened last night. We were immediately
informed by those who did it including how it was achieved. The
penetration mechanism was not a vulnerability in FreeBSD and was
corrected immediately. While we don't believe that any malicious
activity took place while the machine was compromised, we've taken
steps to sanitize things anyway.

Kris

P.S. This kind of thing would have been better sent to
security-officer..for example, it's off-topic for -stable.

--BXVAT5kNtrzKuDFl
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjokSiQACgkQWry0BWjoQKUQSACbBUxDjMy4Gv+buiSgcKiZGaU0
BicAmwQ5Z50Kx/Gaha5q7GyaBohJQ2Gv
=MVZ8
-----END PGP SIGNATURE-----

--BXVAT5kNtrzKuDFl--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message