I went to look up a module just now on http://search.cpan.org by using the CPAN nodelet. I found that the site was down because it had been attacked and is being put back together.

I can't figure out why anyone would want to attack a site that's providing a valuable public service like this. Wouldn't it be more amusing and useful to attack the site of a company that's doing socially or ethically questionable things (there is a long list)?

And to think that the time spent attacking search.cpan.org could have been spent learning Perl or some other language... sigh...

One suggestion: given the apparently large number of Perlmonks who manage web sites, wouldn't it be possible for someone to offer to mirror valuable resources like this? The mirroring of CPAN is one example of the Perl community coming together to protect a shared resource.

update: Sorry, I missed the discussion on CB (I don't use it). The post just came out of frustration with the antics of the annoying wankers who do stuff like this. Added my suggestion to try to make the node a little more discussion-worthy.

Re (tilly) 1: search.cpan.org site attacked? Why?
by tilly (Archbishop) on Jun 11, 2001 at 20:26 UTC
    What is scary about these people is what morons they are.

    You have cracked a widely used repository of software. People are in the habit of downloading and running code from this repository with full administrative access. (How many of us have done this on how many different machines?) And so you go about showing your mastery of script kiddie-dom by advertising that you have compromised the site???

    There are also valid questions here for the Perl community about trust...

    ObConspiracyTheory: This is part of a Microsoft anti Open Source campaign. One of their difficulties is that people think open source software is more secure than Microsoft software. With recent high profile but non-destructive attacks on Sourceforge, Apache and CPAN, they cast doubt on the security of open source software, while doing no financial damage so there is guaranteed to be no FBI investigation to catch them...

      With recent high profile but non-destructive attacks on Sourceforge [and] Apache

      While this looks bad, these sites were compromised due to poor administration of Sourceforge, which was claimed to be compromised through exodus.

      So while these may reflect poorly on the software, they should reflect on the Admins. Apache handled the attack well, with quick detection, little downtime, and by making sure their software repository was not affected.

      The only thing that I'm curious about is if the attacks are linked or in any way related... was the attacker the same, was access gained via the same method?

      Also, if you find a security problem with a site, why exploit it? Why not let the Admins know, and allow them to fix the problem? I guess I just don't understand why make the attacks at all.

      -xPhase

      Edit by tye

Re: search.cpan.org site attacked? Why?
by grinder (Bishop) on Jun 11, 2001 at 20:01 UTC

    One should always have a second line of defense to fall back on. If search.cpan.org is down, as it can be from time to time, go somewhere else, such as Randy Kobes' most excellent CPAN search site.

    As to why, well, it's an ugly world and shit happens.

    update: it's not just CPAN that may be attacked; any site, including perlmonks, may one day disappear off the face of the net. Read the strange tale of Gibson Research Corporation's Denial of Service. So just be nice to the 13 year old newbie who posts in the CB...


    --
    g r i n d e r
Re: search.cpan.org site attacked? Why?
by azatoth (Curate) on Jun 11, 2001 at 19:55 UTC