[SAC] LDAP user account "steve" compromised
Frank Warmerdam
warmerdam at pobox.com
Thu Aug 8 08:33:50 PDT 2013
Martin,
I've provided Steve with a new password. Thanks for identifying the
compromise.
Best regards,
Frank
On Thu, Aug 8, 2013 at 2:14 AM, Martin Spott <Martin.Spott at mgras.net> wrote:
> Hi Steve,
> apparently someone somehow managed to guess your password, logged into
> one of those machines which provide shell login to OSGeo "shell" users
> and subsequently changed your password at 2013-08-06 13:54:43 UTC.
> Finally the affected machine was used to run pscan2/scanssh to randomly
> scan SSH access on other systems.
>
> Your password is now safe because I set it to a random string and I
> suggest you negotiate with FrankW to set a new password. I invite
> everybody to join me in checking the other OSGeo servers for similar
> abuse of the "steve" or other logins.
>
> Cheers,
> Martin.
> --
> Unix _IS_ user friendly - it's just selective about who its friends are !
> --------------------------------------------------------------------------
>
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam,
warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | Geospatial Software Developer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/sac/attachments/20130808/20a35a92/attachment.html>
More information about the Sac
mailing list