I stumbled across this article in the Seattle Times regarding the hacker attack in 1995:
I thought I’d comment on a couple of factual issues twenty years after the fact. First, the attack wasn’t particularly sophisticated, it took advantage of a race condition that existed in BSD mail and the fact that the old program was setuid root made it possible to abuse the condition to replace the password file. It was a scripted attack.
The FBI’s statement that the fact that it came across state lines made it within their jurisdiction is somewhat humorous. I attempted to get the FBI’s involvement and their response to me was that if it didn’t involve at least half a million in losses, go away because they had bigger fish to catch.
The client mail server has been imaged and returned to service. This just provides a snapshot so it can be rapidly returned to service if it is damaged in some way.
Mail server maintenance is rescheduled again. Tonight (Sunday) 10ish. I’m leaving some wiggle room on the time, sometime between 10pm-midnight, so I don’ t have to skip it if I’m in the middle of something at 10pm. Sorry, computers were not being nice to me last night.
The planned mail server maintenance has been delayed. Still working on borked server and seriously sleep deprived. The server that I took out of service because it became unstable is a problem with an upgrade that didn’t go well. The hardware itself survived stress testing and memory testing with no errors.
The client mail server, mail.eskimo.com, which provides pop3, imap, and smtp for mail clients will be down from 10pm-10:20pm approximately to make a backup image this evening.
During this time webmail and imap/pop/smtp from mail clients will be unavailable. Mail can still be read via shell mailers like pine, elm, mush, heirloom BSD mail, etc, but outgoing will be down for that duration.
The web server suffered a strange load spike this morning. At 10AM I rebooted it because it was so loaded I couldn’t even determine the cause.
I am concerned that 2.4.17, to which I recently upgraded, may have introduced a new bug or vulnerability.
IsoFusion is doing UPS maintenance at the co-location facility. In theory between 12:01AM and 1AM, however when I was down there tonight to fetch back the unstable server, they were already working on it. They say it shouldn’t affect service. But just in case might want to avoid doing anything important between 12:01AM-1AM tonight.
OpenSuse is back up and running on a different host. Available for use.
Debian is moved to a stable host and available for use.
Centos7 has been moved off of the unstable host and is available for use.