Dear all,
We just enabled all mail services for
linuxaudio.org again. All mailing
lists are working again and mail can be sent and received for the
linuxaudio.org domain.
A short recap of what happened is that
linuxaudio.org got compromised on
January 29th, probably with a compromised private SSH key or password
from an account with shell access. The attacker checked the kernel, saw
that it was vulnerable to Dirty COW¹, pulled in an exploit and got root.
This was quickly discovered by the IT department of Virginia Tech
University that disconnected the server from the internet and started a
forensic investigation procedure. As part of their IT security policy
the server had to be reinstalled and everything had to be set up from
scratch again. In the meanwhile I built an alternative setup and after
some discussion we agreed on moving
linuxaudio.org away from the
Virginia Tech server.
So
linuxaudio.org got a new home after 15 years at Virginia Tech². We're
very, very thankful that we could host
linuxaudio.org on their servers
and we can't stress enough how grateful we are for all the work that has
been done on the side of Virginia Tech after the hack.
linuxaudio.org now lives at Fuga³, a fully open source OpenStack⁴ cloud
based in The Netherlands. Fuga is part of Cyso⁵, the company I work for.
The
linuxaudio.org ecosystem now consists of three separate servers, a
web server, a mail server and a storage server. We rebuilt everything
with portability and scalability in mind with a strong focus on
security. You can never prevent passwords or SSH keys getting into the
hands of hackers but we'll try to keep the servers as up to date as we
can to narrow down the attack surface as much as possible.
A big thank you to all those who helped out! It was quite a ride but it
seems as if most part of the
linuxaudio.org ecosystem is accessible
again. If you find any web pages, downloads or other bits and parts that
don't work properly then please let us know so we can take a look at it.
Many thanks in advance and also many thanks for bearing with us!
Best,
Jeremy Jongepier
root(a)linuxaudio.org
¹
https://dirtycow.ninja/
²
https://icat.vt.edu/
³
https://fuga.cloud/
⁴
https://www.openstack.org/
⁴
https://cyso.com/en/