forums.debian.net gone

If not appropriate, please delete but it looks like we lost forum-debian.net due to its security being compromised.

From the Debian mailing list

http://lists.debian.org/debian-proje.../msg00056.html

I wish the best to everyone I met there.

yes,...I saw the notice as well. I received one of those "spam" emails,..and was pretty confused by it,..as it reported that it was being sent by the Debian forum itself. That spammer ought to be "horse-whipped" for making the forum have to shut down!!!!

I received an email earlier this afternoon which had a link to forums.debian.net which i followed and got the following rsult whenthe link opemed in windows internet explore:


forums.debian.net is a debian.net service run by a set of DDs for the
community. It's not an official Debian service run or maintained by
the project or DSA (then it would be forums.debian.org).

Nevertheless it was hosted on debian.org hardware since sometime last
year because the original system it was on was an under-the-desk kind of
"server" that was falling apart and the forum admins wanted to continue to
provide this service.

DSA gave them access to tartini.debian.org, which was unused at the
time. Since then, this system has been dedicated to running
forums.debian.net; it was decided to not use tartini for any other
services due to security concerns.

This afternoon DSA received reports that forums.debian.net might have
been compromised: registered users had been email spammed from the
forums software.

forums.debian.net has therefore been disabled.

It is not known when or if or how forums.debian.net will return.

We currently have no reason to believe that tartini itself was
compromised.

For DSA,
Peter



Which makes me wounder if Linuxquestions will come under seige by millions of debian users of all skill levels and their problems.

There weren't exactly millions of people visiting the Debian forums. In addition to that, quite of lot of the Debian forum regulars hang out here too. I think LQ will be just fine.

It seems odd to me that the reaction to a breach in security might be to shut the forums down forever (rather than tighten the security). It was a free server, so obviously their rules are their rules. But it's a shame.

In terms of number of users, the LQ Slackware forum may have more competition from the Debian forum now.

Quote:

Originally Posted by Telemachos It seems odd to me that the reaction to a breach in security might be to shut the forums down forever (rather than tighten the security). It was a free server, so obviously their rules are their rules. But it's a shame.

I also received a spam email fromthe debian forum administrators, This really makes me skeptical of runing squeeze on two of my three computers , I am security paranoid and doubting wetjer or not i should revert back to etch on both of my debian machines.

Quote:

Originally Posted by Telemachos It seems odd to me that the reaction to a breach in security might be to shut the forums down forever (rather than tighten the security). It was a free server, so obviously their rules are their rules. But it's a shame.

Nowhere is "forever" mentioned! The mail sounds like it was from a Debian maintainer who did NOT maintain the forums, and only states "It is not known when or if or how forums.debian.net will return" (emphasis mine).

Quote:

Originally Posted by FloridaBSD I also received a spam email fromthe debian forum administrators, This really makes me skeptical of runing squeeze on two of my three computers , I am security paranoid and doubting wetjer or not i should revert back to etch on both of my debian machines.

Nowhere is squeeze mentioned! In fact, nothing about the host system software is mentioned at all! Only that it was decided to not host anything else but the forums on the system, most likely because web forums are notoriously insecure.

Where are you two getting this? There's only one e-mail in that thread so far!

I'm one of those Debian user forum members, but I promise not to swamp this forum.

more interesting though: what forum is able to replace forums.debian.net?

i don`t think another forum is able to replace it. i`m in a really bad mood.
ain`t there left a bit of hope? (thanks jackiebrown for the threads you made giving the info)

Quote:

Originally Posted by AlucardZero Nowhere is "forever" mentioned! The mail sounds like it was from a Debian maintainer who did NOT maintain the forums, and only states "It is not known when or if or how forums.debian.net will return" (emphasis mine).

You are right, but the tone of that posting seemed to imply "We're not going to touch this thing with a ten-foot pole." Maybe I'm overinterpreting it; I hope so, in fact.

Quote:

Originally Posted by FloridaBSD I also received a spam email fromthe debian forum administrators, This really makes me skeptical of runing squeeze on two of my three computers , I am security paranoid and doubting wetjer or not i should revert back to etch on both of my debian machines.

That makes no sense whatsoever. The machine in question didn't host a repo at all (and Squeeze is never mentioned in the list posting). There's no reason to believe that Squeeze is compromised. (Also, before Squeeze comes Lenny, not Etch.)

Welcome Jalu: Don't be too down. Many of your old friends will turn up here soon enough.

Quote:

Originally Posted by roseway I'm one of those Debian user forum members, but I promise not to swamp this forum.

Welcome to LQ!. It's always good to see new Debian users here.

Me too.

Edit: I've got to edit my presence here, it's been a long time...

Hmm... wish I could edit my nick to Qew.

It'd be a quite a bit of a loss, because there was a lot of good advice on that board. OK, you can find it elsewhere, too, but it's still a big loss. Hope it comes back.