Some of you might have read my previous blog post about the attack on Exherbo’s quote database that I wrote about yesterday. As promised I am going to write a follow up post about how this was handled and what the result of the cooperation with Gentoo’s infrastructure team was.
First of all I would like to thank Gentoo’s infrastructure team for acting quickly and very professionally. They reacted immediately after I posted the bug and asked for the information they needed (log files) to compare with their own auditing results.
I would especially like to thank robbat2, KingTaco, Ramereth, solar and fox2mike who worked on the issue, reviewed log files and discussed how they were going to handle this incident.
I would like to clarify that Exherbo harbours no ill will towards any of the companies (GNi, Bytemark and OSUOSL). They are providing much needed hardware and infrastructure for many open source projects but have no role beyond as a sponsor.
No company is able to prevent their users from carrying out malicious actions from their network.
I also promised to give you an update based on the information that we received after the blog post and the bug was created:
- Alex Howells (Astinus) has been removed from all Gentoo infrastructure and as you can read on bug #229895, Gentoo’s infrastructure team has informed all the developers via the gentoo-core mailing list about what happened.
The developers received the following message (taken from the bug):
As reported on bug #229895, on 27 Jun 2008 at 19:04 UTC, there was unwarranted traffic sent to http://quotes.exherbo.org/ and some of the traffic involved originated from various Gentoo Linux infrastructure machines. The Gentoo infrastructure team conducted an audit based on logs from the machines as well as those provided by Exherbo’s infrastructure team. Based on results of our audit and the user’s admission via email, we have concluded that the said actions were taken by one of our developers named astinus.
We have taken appropriate action and have removed the developer in question from Gentoo Linux infrastructure. We sincerely apologize to the administrator of quotes.exherbo.org for the involvement of Gentoo infrastructure machines.
- Alex Howells also decided to “remove” his LinkedIn profile so the link from my former blog post is not working anymore.
- Since Gentoo’s infrastructure team handled this so well I see no reason to contact their abuse contact from the respective networks where the machines are located.
- I would also like to point out that Astinus was not kicked out of Gentoo. He left on his own after the bug was filed. Astinus and I talked on IRC and while we still disagree about whether it was an attack or a prank we agreed that this is now a closed chapter and Astinus apologized to me and I accepted.
Once again I would like to thank the Gentoo infrastructure team on behalf of the Exherbo development team for their quick response and their very professional way of handling this issue.
Alex.
Mood change, I’m happy today « Fernando J. Pereda’s blag said
[...] Alexander wrote a followup post about the whole thing: Follow-Up: Attack on Exherbo.org machine. I can’t do anything else than joining him in his thanks to the Gentoo Infrastructure [...]
Joey said
Come on, it’s clearly a prank. Get a life. It’s a God damn quotes site. Not a very well implemented one out of probably hundreds if not thousands of them out there. It’s more like a quote MISMANAGEMENT system. The thing also has what? 40 quotes max? How many people look at it a day? You and two or so others?
The site also has ridiculous quotes like this that set the environment:
ok, time to rebootse for a new kernel
hopefully it doesn’t rape my wifi
-!- spbecker [n=spbecker@exherbo/developer/spbecker] has quit [Remote closed the connection]
* ahf rapes spbecker’s wife
err
wifi
DAMMIT
Which is not even a very good quote yet is probably one of the best on there since its one of the few that aren’t either completely unfunny or impossible to get by anyone other than the person submitting them.
In fact the whole system is pathetic and meaningless. It doesn’t add anything to the Exherbo project and doesn’t even appear to be obviously linked in on the main page. Well done. Also what the hell is to stop spiders from voting? If it were linked into the main page I’d defecate myself laughing from the chaos caused by spiders. Does it check the UA or is not linked in because that happened before?
You really take things far too seriously.