Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 4 Mar 2011 01:24:31 +0100
From: Marcus Meissner <>
To: OSS Security List <>
Subject: Re: Vendor-sec hosting and future of closed lists

On Thu, Mar 03, 2011 at 07:12:24PM +0100, Marcus Meissner wrote:
> Hi folks,
> As moderator of vendor-sec and one of the sysadmins of I noticed
> a break-in into the machine last week, which was likely used to
> sniff email traffic of vendor-sec. This incident probably happened on Jan 20
> as confirmed by timestamp, but might have existed for longer.
> As the system in use at is quite old and the admin team and myself
> does not really have the time anymore to keep it on a secure level, we
> would like to move the list to another hosting place.
> I have disabled the specific backdoor, but as I am not sure how the
> break-in happened it might reappear. So I recommend not mailing embargoed
> issues to at this time.

So after I posted this (and went for some beers) the attacker read this
and reentered the machine, went amok and destroyed the machine's
installation. The machine has now been shutdown.

So everyone please consider is dead and gone at this point,
successors (or not) will hopefully result out of this discussion.

Ciao, Marcus (ex-moderator)

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ