[irc/freenode/web-7.0.git] / content / news / 2014-10-15-server-issues-update.md

---
author: Pricey
date: 2014-10-15 21:27:44+00:00
slug: server-issues-update
title: Server Issues: Update
imported: yes
robots: noindex
---
Following up on our [previous blog post](http://blog.freenode.net/2014/09/server-issues-2/), we have continued to investigate the compromise of freenode infrastructure, aided by our sponsors in addition to experts in the field.

NCC Group's Cyber Defence Operations team kindly provided pro bono digital forensic and reverse engineering services to assist our infrastructure team and have recently published a report with some of their findings:

[https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/](https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/)

NCC's support has been invaluable in aiding us in further securing our infrastructure, and we have already made significant changes to ensure that it is more resilient against further attacks. Our investigation into the compromise is ongoing and we will provide further updates as appropriate.

In the mean time, if you haven't updated your password, we would advise you do so as some traffic may have been sniffed. Simply "/msg nickserv set password newpasshere" and don't forget to update your client's saved password.

Whilst we endeavour to provide a robust service, it is worth bearing in mind that no computer system is ever perfectly secure and many are inevitably breached. For this reason we do not suggest relying entirely on freenode (or any infrastructure) to protect sensitive data, and encourage our users to take further steps (e.g. unique passwords per service, encryption) as part of a defence in depth strategy to safeguard it.

We are extremely grateful to NCC in addition to our many other sponsors for their assistance and continued support. Without the ongoing support of our generous sponsors and wonderful infrastructure team, freenode would quite literally not have a network!

We will be continuing to work with our sponsors in addition to other relevant authorities regarding this breach and any further incidents.
Commit	Line	Data
c5293e15	1	---
849bdd6f SB	2	author: Pricey
	3	date: 2014-10-15 21:27:44+00:00
	4	slug: server-issues-update
eeb00e73	5	title: Server Issues: Update
df8e5765	6	imported: yes
3406dcfa	7	robots: noindex
849bdd6f	8	---
849bdd6f	9	Following up on our [previous blog post](http://blog.freenode.net/2014/09/server-issues-2/), we have continued to investigate the compromise of freenode infrastructure, aided by our sponsors in addition to experts in the field.
34876803	10
849bdd6f	11	NCC Group's Cyber Defence Operations team kindly provided pro bono digital forensic and reverse engineering services to assist our infrastructure team and have recently published a report with some of their findings:
34876803	12
849bdd6f	13	[https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/](https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/)
34876803	14
849bdd6f	15	NCC's support has been invaluable in aiding us in further securing our infrastructure, and we have already made significant changes to ensure that it is more resilient against further attacks. Our investigation into the compromise is ongoing and we will provide further updates as appropriate.
34876803	16
849bdd6f	17	In the mean time, if you haven't updated your password, we would advise you do so as some traffic may have been sniffed. Simply "/msg nickserv set password newpasshere" and don't forget to update your client's saved password.
34876803	18
849bdd6f	19	Whilst we endeavour to provide a robust service, it is worth bearing in mind that no computer system is ever perfectly secure and many are inevitably breached. For this reason we do not suggest relying entirely on freenode (or any infrastructure) to protect sensitive data, and encourage our users to take further steps (e.g. unique passwords per service, encryption) as part of a defence in depth strategy to safeguard it.
34876803	20
849bdd6f	21	We are extremely grateful to NCC in addition to our many other sponsors for their assistance and continued support. Without the ongoing support of our generous sponsors and wonderful infrastructure team, freenode would quite literally not have a network!
34876803	22
849bdd6f	23	We will be continuing to work with our sponsors in addition to other relevant authorities regarding this breach and any further incidents.