Thomas Wouters wrote:

It *seems*, from this site:

http://66.92.75.28/~vladimir/themes-org.html

that SourceForge has been hacked, and more seriously than SF first admits (if I'm to believe the arrogant sprouting of some script-kiddie, anyway. :) And the same goes for apache.org, it looks like. Anyway, if anyone connected *from* any of sourceforge's machines to anywhere else, in the last couple of months, they'll be well advised to change their passwords and check for intruders. The same goes if you connect through ssh and (foolishly ;) allowed ssh-agent-forwarding to the SF machines. In that case, better check all the machines that ssh-agent would give you unpassworded access to for logins you don't recognize. The site above lists a number of sniffed passwords, in case you want to check, but there's no reason for the hacker not to have even more sniffed passwords lying about :)

And if you have a login on apache.org, you probably want to change your password in any case.... the above listed site has what seems to be a copy of the shadow password file.

FYI, the file's contents are no longer available it seems. Still, SF seems to be alarmed about this: ***************************************************************************** I M P O R T A N T P L E A S E R E A D ***************************************************************************** If you are seeing this it's because we've failed over from pr-shell1. This is a failover server only. As soon as pr-shell1 is better we will cut back to it. So please do not start any daemon process that you care about. - The SF Staff About the password change: this doesn't seem to be possible on the failover machine (I get a permission denied message). -- Marc-Andre Lemburg CEO eGenix.com Software GmbH ______________________________________________________________________ Company & Consulting: http://www.egenix.com/ Python Software: http://www.lemburg.com/python/