[dev] [SECURITY] Horde was used to hack my system
Roel Gloudemans
roel at gloudemans.info
Wed Apr 12 09:17:33 PDT 2006
Hi Patrice,
Quoting Patrice Levesque <horde.wayne at ptaff.ca>:
> 1) This was posted on horde-announce two weeks ago.
> http://marc.theaimsgroup.com/?l=horde-announce&m=114355248404792&w=2
>
> There is a notice on the HOME PAGE of horde since march 28th.
> http://www.horde.org/
This happened during my holiday. I'm reasonably up to date now with my
dev mail, but didn't see the Announcement mails yet.
>
> 2) A mailing list is _never_ the place to discuss security issues.
> Whatever the
> project. Don't feed the crackers.
> http://www.horde.org/support.php
Really sorry about that, I should have known better. Guess I panicked.
As a general remark to other sysadmins; The logwatch package that is
widely used didn't pick this attack up with the default settings
> Don't want to be rude, but do your homework next time.
No offense taken, you were right
Cheers,
Roel.
More information about the dev
mailing list