Is Ubuntu Server safe?

Recently 5 of the 8 Ubuntu LoCo (local community) servers sponsored by Canonical were compromised. This may cast doubt in the community on the safety of the Ubuntu Linux Server Editions. Are they really safe? Can we use them in production?

Here’s the explanation from James Troup, Canonical sysadmin team leader:
a) the servers, especially zambezi were running an incredible amount of web software (over 15 packages[1] that we recognised) and of all the ones where it’s trivial to determine a version, they were without exception out-of-date and missing security patches. An attacker could have gotten a shell through almost any of these sites.

b) FTP (not sftp, without SSL) was being used to access the machines, so an attacker (in the right place) could also have gotten access by sniffing the clear-text passwords.

c) The servers have not been upgraded past breezy due to problems with the network card and later kernels. This probably allowed the attacker to gain root.

Based on this I can say that the compromise has nothing to do with the security of Ubuntu Server itself. It was poor management of the servers: the break-in happened because the sysadmins did not install the relevant patches and upgrades, whether from laziness or because they were too busy with other things.
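All three failures in Troup's list are visible from the host itself, so they can be checked mechanically rather than noticed after the fact. The script below is an added example, not code from the original post or from Canonical: it parses the text that `apt-get -s upgrade`, `netstat -tln` (or `ss -tln`) and `/etc/lsb-release` already produce and reports missing security updates, clear-text login services, and a release that no longer receives security support. The sample outputs embedded in it are constructed, the package versions in them are illustrative rather than real advisories, and the `SUPPORTED` set is an assumption the operator has to keep current from Ubuntu's release announcements (Breezy's security support ended in April 2007, months before this incident).

```python
"""Added example (not from the original post or from Canonical): audit an Ubuntu
host for the three conditions in Troup's explanation.  All sample inputs below
are constructed; the package versions are illustrative, not real advisories."""
import re

# --- (a) pending security updates -------------------------------------------
# `apt-get -s upgrade` prints one "Inst" line per package it would install:
#   Inst <pkg> [<installed>] (<candidate> <Origin>:<ver>/<suite>[, ...] [<arch>])
# A candidate coming from a "-security" suite closes a published hole;
# anything else is an ordinary update.
INST_RE = re.compile(r"^Inst (\S+) \[([^\]]+)\] \((\S+) (.*)\)$")

def pending_security_updates(apt_sim_output):
    """Return [(package, installed, candidate)] for every package whose
    candidate version is served from a -security pocket."""
    found = []
    for line in apt_sim_output.splitlines():
        m = INST_RE.match(line.strip())
        if m is None:
            continue
        pkg, installed, candidate, origins = m.groups()
        if "-security" in origins:
            found.append((pkg, installed, candidate))
    return found

# --- (b) clear-text login services -------------------------------------------
# Protocols that carry credentials unencrypted; Troup's point (b) is that ftp
# belongs in this list and should be replaced by sftp/scp over ssh.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 110: "pop3", 143: "imap", 513: "rlogin"}

def cleartext_listeners(listing):
    """Parse `netstat -tln` or `ss -tln` output; return sorted (port, name)
    pairs for listening sockets that belong to clear-text protocols."""
    hits = set()
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        if fields[0] == "LISTEN":                                    # ss -tln layout
            local = fields[3]
        elif fields[0].startswith("tcp") and fields[-1] == "LISTEN":  # netstat -tln layout
            local = fields[3]
        else:
            continue
        port = int(local.rsplit(":", 1)[1])   # handles "0.0.0.0:21" and ":::80"
        if port in CLEARTEXT_PORTS:
            hits.add((port, CLEARTEXT_PORTS[port]))
    return sorted(hits)

# --- (c) release still receiving security updates ----------------------------
# ASSUMPTION: the operator keeps this set current from Ubuntu's release
# announcements.  As of mid-2007 breezy (5.10) had already dropped out of it.
SUPPORTED = {"dapper", "edgy", "feisty"}

def release_codename(lsb_release_text):
    """Extract DISTRIB_CODENAME from the contents of /etc/lsb-release."""
    for line in lsb_release_text.splitlines():
        key, _, value = line.partition("=")
        if key.strip() == "DISTRIB_CODENAME":
            return value.strip().strip('"')
    return None

def audit(apt_sim_output, listing, lsb_release_text, supported=SUPPORTED):
    """Run all three checks and return a list of human-readable findings."""
    findings = []
    sec = pending_security_updates(apt_sim_output)
    if sec:
        findings.append("%d package(s) missing security updates: %s"
                        % (len(sec), ", ".join(p for p, _, _ in sec)))
    for port, name in cleartext_listeners(listing):
        findings.append("clear-text service %s listening on port %d" % (name, port))
    codename = release_codename(lsb_release_text)
    if codename not in supported:
        findings.append("release %r no longer receives security updates" % codename)
    return findings

# Constructed sample inputs for a host in the state Troup describes.
SAMPLE_APT = """\
Reading package lists...
Building dependency tree...
Inst phpmyadmin [4:2.9.1.1-5] (4:2.9.1.1-6 Ubuntu:5.10/breezy-security [all])
Inst libapache2-mod-php5 [5.2.1-0ubuntu1] (5.2.1-0ubuntu1.2 Ubuntu:5.10/breezy-security [i386])
Inst tzdata [2007b-1] (2007f-1 Ubuntu:5.10/breezy-updates [all])
Conf phpmyadmin (4:2.9.1.1-6 Ubuntu:5.10/breezy-security [all])
"""
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
"""
SAMPLE_LSB = """\
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=5.10
DISTRIB_CODENAME=breezy
DISTRIB_DESCRIPTION="Ubuntu 5.10"
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_APT, SAMPLE_NETSTAT, SAMPLE_LSB):
        print("FINDING:", finding)
```

On a live host the three inputs come from `apt-get -s upgrade` (after `apt-get update`), `netstat -tln` and `cat /etc/lsb-release`; the check for (a) deliberately reads the simulation output rather than package versions, because apt already knows which pocket each candidate comes from.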

Anyway, it happened, so let's read what they are doing to prevent another break-in:

Move the servers to Canonical data centers, or move them to managed/outsourced hosting companies.

This incident proves once more that at some point any operating system or any piece of software will be hacked. To stay secure you need to keep watching for patches and upgrades and for advisories from the vendors, do your own research, and stay alert!

Comments

  2. synack on August 22nd, 2007 12:44 pm

    Well, this will happen to anybody at any time if they do not follow industry standards on security…

    1. Keep your system up-to-date.
    2. Use secure protocols (ssh, scp, sftp).

    We still remember when Debian servers were 0wned, and recently Gentoo servers were brought down due to some vulnerabilities… So, in short - it can happen… do your part of the job and cross your fingers… :)
