Situs linuxfoundation.org Diserang

Linux Foundation memberitahukan para pengguna pada web linux.com serta linuxfoundation.org bahwa terjadi penyerangan di sisi server yang terjadi pada tanggal 8 september 2011.

Penyerangan ini memungkinkan username, password, email serta data data lainnya di ambil, Linux Foundation percaya bahwa penyerangan ini berhubungan dengan Penyerangan yang terjadi pada kernel.org yang terjadi pada awal September lalu.

Server linuxfoundation.org, linux.com serta layanan yang ada seperti Open Printing, Linux Mark, dan Foundation Events semuanya saat ini di matikan oleh administrator dalam rangka melakukan installasi ulang secara lengkap pada system mereka.

Linux Foundation juga menginformasikan kepada setiap pengguna untuk mengganti password serta SSH Keys yang di gunakan di situs situs tersebut, karena adanya kemungkinan ditembus dan harus segera di ubah pula jika di gunakan juga pada situs lain.

Kondisi situs linuxfoundation.org hingga saat berita ini diturunkan

Linux Foundation juga melakukan audit pada sistem sebagai bagian dari penyelidikan lebih lanjut dan bekeja sama dengan pihak US dan Eropa dan akan mengumumkan setiap informasi lebih lanjut pada situs linuxfoundation.org dan linux.com.

Berikut isi email dari The Linux Foundation

From: The Linux Foundation
To: lwn-AT-lwn.net
Subject: Important: Security Breach on Linux.com, LinuxFoundation.org
Date: Sun, 11 Sep 2011 10:07:02 +0000 (UTC)
Message-ID:
Archive-link: Article, Thread
Attention Linux.com and LinuxFoundation.org users,

We are writing you because you have an account on Linux.com,
LinuxFoundation.org, or one of the subdomains associated with these domains.
On September 8, 2011, we discovered a security breach that may have
compromised your username, password, email address and other information you
have given to us. We believe this breach was connected to the intrusion on
kernel.org.

As with any intrusion and as a matter of caution, you should consider the
passwords and SSH keys that you have used on these sites compromised. If you
have reused these passwords on other sites, please change them immediately.
We are currently auditing all systems and will update public statements when
we have more information.

We have taken all Linux Foundation servers offline to do complete
re-installs. Linux Foundation services will be put back up as they become
available. We are working around the clock to expedite this process and are
working with authorities in the United States and in Europe to assist with
the investigation.

The Linux Foundation takes the security of its infrastructure and that of
its members extremely seriously and are pursuing all avenues to investigate
this attack and prevent future ones. We apologize for this inconvenience and
will communicate updates as we have them.

Please contact us at info@linuxfoundation.org with questions about this
matter.

The Linux Foundation.

Laporan oleh Arya Ramandhanu untuk Blog https://tanyarezaervani.wordpress.com