Sourceforge.net attack

Yesterday our vigilant operations guys detected a targeted attack against some of our developer infrastructure.  The attack resulted in an exploit of several SourceForge.net servers, and we have proactively shut down a handful of developer centric services to safeguard data and protect the majority of our services.

Our immediate priorities are to prevent further exposure and ensure data integrity.  We’ve had all hands on deck working on identifying the exploit vector or vectors, eliminating them, and are now focusing on verifying data integrity and restoring the impacted services.

The problem was initially discovered on the servers that host CVS but our analysis indicates that several other machines were involved, and while we believe we’ve determined the extent of the attack, we are verifying all of our other services and data.

As a short term response, we’ve taken down the following services to prevent any possible escalation:

* CVS Hosting
* ViewVC (web based code browsing)
* New Release upload capability
* Interactive Shell services

    Once the immediate response to this attack is over, we will be providing a much more detailed account of what’s happened, and what specific actions we are taking to prevent further exploits.

    0 comments