Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Marcus Meissner <meissner-l3A5Bk7waGM <at> public.gmane.org>
Subject: Re: Vendor-sec hosting and future of closed lists
Newsgroups: gmane.comp.security.oss.general
Date: Friday 4th March 2011 00:24:31 UTC (over 6 years ago)
On Thu, Mar 03, 2011 at 07:12:24PM +0100, Marcus Meissner wrote:
> Hi folks,
> 
> As moderator of vendor-sec and one of the sysadmins of lst.de I noticed
> a break-in into the lst.de machine last week, which was likely used to
> sniff email traffic of vendor-sec. This incident probably happened on Jan
20
> as confirmed by timestamp, but might have existed for longer.
> 
> As the system in use at lst.de is quite old and the admin team and myself
> does not really have the time anymore to keep it on a secure level, we
> would like to move the list to another hosting place.
> 
> I have disabled the specific backdoor, but as I am not sure how the
> break-in happened it might reappear. So I recommend not mailing embargoed
> issues to vendor-sec-jcswGhMUV9g@public.gmane.org at this time.

So after I posted this (and went for some beers) the attacker read this
and reentered the lst.de machine, went amok and destroyed the machine's
installation. The machine has now been shutdown.

So everyone please consider vendor-sec-jcswGhMUV9g@public.gmane.org is dead
and gone at this point,
successors (or not) will hopefully result out of this discussion.

Ciao, Marcus (ex-moderator)
 
CD: 3ms