Results 1 to 2 of 2

Thread: Australian National University Hack

  1. #1
    Join Date
    Aug 2012

    Australian National University Hack

    The Australian National University, aka ANU, system was recently hacked over a period of time by a team of several entities.
    The original access was through an email, unopened, apparently previewed, i.e. downloaded from the mail server.
    The user ports to the system are apparently via Microsoft systems and software.
    The servers are, to me , unknown, but I would expect them to be Linux.
    Is it possible for this type of hack to occur through a Linux port system, say Ubuntu, and the Thunderbird app.?

    ABC news story:

  2. #2
    Join Date
    Jan 2010
    Wheeling WV USA
    Xubuntu 18.04 Bionic Beaver

    Re: Australian National University Hack

    who did it is not the most important question. the most important question is who let it happen.

    Linux can be attacked, too. the kernel itself is usually quite solid. but there is a history of many userland programs listening and communicating on those ports that have had many vulnerabilities. probably the most common is the buffer overflow where the amount of data going into a buffer is not properly limited, allowing the sender to overwrite other data, and the stack, which has pointers that process will eventually use. carefully designed data streams can include new pointers and code to take over the process and go from there. many things are used these days to fight this in cases where the code cannot be changed.

    years ago one of my servers had the imapd software hacked with an upload of a toolkit to take over the whole server. it failed because the uploaded machine code was for an x86, but my server was a Sun SparcStation. i diagnosed the whole program from fixing the software source code to tracking down the time and which computer in a student lab at a major university did it. their administration determined which student it was and dismissed from school for 2 years. that toolkit, a rootkit, would have immediately deleted all the logs i used to track down the source, had it been an x86.

    Linux or Ubuntu are not magically more secure. but they do have the advantage of more eyes looking at the source code who are not motivated to make more money in hiding vulnerabilities.
    What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts