[irc/freenode/web-7.0.git] / content / news / 2014-10-15-server-issues-update.md

---
author: Pricey
date: 2014-10-15 21:27:44+00:00
slug: server-issues-update
title: Server Issues: Update
imported: yes
---
Following up on our [previous blog post](http://blog.freenode.net/2014/09/server-issues-2/), we have continued to investigate the compromise of freenode infrastructure, aided by our sponsors in addition to experts in the field.

NCC Group's Cyber Defence Operations team kindly provided pro bono digital forensic and reverse engineering services to assist our infrastructure team and have recently published a report with some of their findings:

[https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/](https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/)

NCC's support has been invaluable in aiding us in further securing our infrastructure, and we have already made significant changes to ensure that it is more resilient against further attacks. Our investigation into the compromise is ongoing and we will provide further updates as appropriate.

In the mean time, if you haven't updated your password, we would advise you do so as some traffic may have been sniffed. Simply "/msg nickserv set password newpasshere" and don't forget to update your client's saved password.

Whilst we endeavour to provide a robust service, it is worth bearing in mind that no computer system is ever perfectly secure and many are inevitably breached. For this reason we do not suggest relying entirely on freenode (or any infrastructure) to protect sensitive data, and encourage our users to take further steps (e.g. unique passwords per service, encryption) as part of a defence in depth strategy to safeguard it.

We are extremely grateful to NCC in addition to our many other sponsors for their assistance and continued support. Without the ongoing support of our generous sponsors and wonderful infrastructure team, freenode would quite literally not have a network!

We will be continuing to work with our sponsors in addition to other relevant authorities regarding this breach and any further incidents.
Commit	Line	Data
c5293e15	1	---
849bdd6f SB	2	author: Pricey
	3	date: 2014-10-15 21:27:44+00:00
	4	slug: server-issues-update
eeb00e73	5	title: Server Issues: Update
df8e5765	6	imported: yes
849bdd6f	7	---
849bdd6f	8	Following up on our [previous blog post](http://blog.freenode.net/2014/09/server-issues-2/), we have continued to investigate the compromise of freenode infrastructure, aided by our sponsors in addition to experts in the field.
34876803	9
849bdd6f	10	NCC Group's Cyber Defence Operations team kindly provided pro bono digital forensic and reverse engineering services to assist our infrastructure team and have recently published a report with some of their findings:
34876803	11
849bdd6f	12	[https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/](https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/)
34876803	13
849bdd6f	14	NCC's support has been invaluable in aiding us in further securing our infrastructure, and we have already made significant changes to ensure that it is more resilient against further attacks. Our investigation into the compromise is ongoing and we will provide further updates as appropriate.
34876803	15
849bdd6f	16	In the mean time, if you haven't updated your password, we would advise you do so as some traffic may have been sniffed. Simply "/msg nickserv set password newpasshere" and don't forget to update your client's saved password.
34876803	17
849bdd6f	18	Whilst we endeavour to provide a robust service, it is worth bearing in mind that no computer system is ever perfectly secure and many are inevitably breached. For this reason we do not suggest relying entirely on freenode (or any infrastructure) to protect sensitive data, and encourage our users to take further steps (e.g. unique passwords per service, encryption) as part of a defence in depth strategy to safeguard it.
34876803	19
849bdd6f	20	We are extremely grateful to NCC in addition to our many other sponsors for their assistance and continued support. Without the ongoing support of our generous sponsors and wonderful infrastructure team, freenode would quite literally not have a network!
34876803	21
849bdd6f	22	We will be continuing to work with our sponsors in addition to other relevant authorities regarding this breach and any further incidents.