[K12OSN] k12os.org hacked?
Eric Harrison
eharrison at mail.mesd.k12.or.us
Wed Aug 17 21:40:01 UTC 2005
dahopkins at comcast.net wrote:
> When I just went to k12os.org via the link at http://www.k12ltsp.org , I get
>
> spykids ownz you
>
> Not sure if this is real, or not, but ... thought I would mention it.
>
> Sincerely,
> Dave Hopkins
>
http://www.k12os.org is a virtual host on a clunky old box sitting
*outside* my firewalls... it is not exactly "well maintained", I'm a
bit surprised it took this long to be compromised.
I think Paul setup k12os.org, I'll bug him about fixing/upgrading it...
NOTE: it is very important to apply the updates for your third-party
apps as well as your operating systems. If you are running a non-current
version of postnuke (such as k12os.org) or phpbb or drupal or awstats,
etc, etc, it is only a matter of time until your website will be
defaced. It is easy to fall into a false-sense of security by thinking
that up2date/apt-get/yum (or windows update service, or apple's updates)
takes care of all of your security risks...
-Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/k12osn/attachments/20050817/a0f704cb/attachment.sig>
More information about the K12OSN
mailing list