Report On Recent Server Intrusion And Downtime
On the 4th of September, 2008 an intrusion was detected on the server hosting the SUZAKU Developers Site, and all services were temporarily taken off-line at 20:25 of that day. All services were restored by the 17th of September, 2008.
We sincerely apologize for any inconvenience that the downtime may have caused.
Below are details of the intrusion and the follow-up action undertaken.
Intrusion Details and Follow Up Action
A person from the outside was able to gain access to a user-level account through a weak password and placed several inappropriate programs on the server. As the programs were only able to operate with user-level access permission, it has been determined that no damage was caused, including no modification of server data and no leaks of private data.
In order to ensure that this will not happen again, the following policies have been put in place.
- The use of strong passwords will be enforced.
- Users will no longer be able to login to the server from the outside.
In addition, the server system was reinstalled from scratch using the latest software available.
Furthermore, plans are being put in place to monitor server access and strengthen all-round security in order to ensure a reliable service.
Service Downtime Timeline
- 09/04/2008 16:00 (approx.) - Intrusion detected.
- 09/04/2008 20:25 - All services taken off-line.
- 09/09/2008 13:26 - Mailing lists restored (Armadillo, Suzaku, Suzaku-en).
- 09/10/2008 13:49 - Download site restored.
- 09/11/2008 10:47 - Armadillo Developers Site restored.
- 09/16/2008 22:29 - SUZAKU Developers Site (JA) restored.
- 09/17/2008 17:24 - SUZAKU Developers Site (EN) restored.
Please use the following contact point for any enquiries regarding this matter.
Atmark Techno, Inc. E-Mail: firstname.lastname@example.org