What I find most sobering about this is that it sounds like were it not for the defacement 6 days after the hack, no one would ever have been any the wiser.
I know that DB-level and web-server-level intrusion detection systems exist - can the HN community comment on what might have detected this particular attack (even if only after-the-fact?).
>> They used this access to download the ‘user’ table which
>> contained usernames, email addresses and salted and hashed
>> (using md5) passwords for 1.82 million users.
Somewhere, oclHashcat makes room temperature rise.
I always suspected forums that don't have read-only or static mode would prove to be a bad choice as knowledge repository. Google queries returned a lot of ubuntuforums links for many ubuntu problems I encountered or random googling I did these past few days.
Later in the page (in the "Hardening" section), they mention that they've switched the forums to use Ubuntu SSO for authentication, instead of needing to store forum passwords.
[+] [-] euxneks|12 years ago|reply
Terrible. Why even allow this. A terrible, horrible cludgy hack.
[+] [-] eblume|12 years ago|reply
I know that DB-level and web-server-level intrusion detection systems exist - can the HN community comment on what might have detected this particular attack (even if only after-the-fact?).
[+] [-] pdknsk|12 years ago|reply
[+] [-] johnchristopher|12 years ago|reply
[+] [-] bashinator|12 years ago|reply
[+] [-] richadams|12 years ago|reply
[+] [-] rlpb|12 years ago|reply
[+] [-] claudiug|12 years ago|reply