[K12OSN] k12os.org hacked?
Paul Nelson
pnelson at riverdale.k12.or.us
Thu Aug 18 14:40:45 UTC 2005
Message: 17
Date: Wed, 17 Aug 2005 14:40:01 -0700
From: Eric Harrison <eharrison at mail.mesd.k12.or.us>
Subject: Re: [K12OSN] k12os.org hacked?
>http://www.k12os.org is a virtual host on a clunky old box sitting
>*outside* my firewalls... it is not exactly "well maintained", I'm a
>bit surprised it took this long to be compromised.
>
>I think Paul setup k12os.org, I'll bug him about fixing/upgrading it...
>NOTE: it is very important to apply the updates for your third-party
>apps as well as your operating systems. If you are running a non-current
>version of postnuke (such as k12os.org) or phpbb or drupal or awstats,
>etc, etc, it is only a matter of time until your website will be
>defaced. It is easy to fall into a false-sense of security by thinking
>that up2date/apt-get/yum (or windows update service, or apple's updates)
>takes care of all of your security risks...
>-Eric
I plead guilty on all counts. It just goes to show that you should never
go on vacation.
I setup k12os.org using postnuke and did not keep it up to date. As Eric
says, it's only a matter of time. I'm migrating the site now to Drupal.
I think that will give us more options in how we use the site and it
will make life easier for me just keeping track of one CMS system to update.
The focus of K12OS.org was to be open source news in education. I'm
hoping that list members will create accounts and contribute articles.
It's also a place where you can share files that you create for
presentations. Drupal has good forum and news feed features. I'll be
setting it up this week. Let me know if you want to help out.
;-) Paul
--
======================================================================
Paul Nelson - Make things better.
http://pnelson.us
More information about the K12OSN
mailing list