I was watching the Bourne Identity the other night and Marie asked "how did they find us", to which Bourne replied "we let our guard down, we got lazy".  This is so very true for computer security - you can't stop updating your systems, updating your anti-malware tools, updating the firmware in your firewall and more.  To highlight this I saw the article below.  There was an operating system that claimed it did not suffer from the issues of needing constant TLC.  Then 5 of the 8 community servers were compromised.  Nice.

Ubuntu Servers Hijacked, Used to Launch Attack

Members of the Ubuntu colocation team suggest the attack could have begun with a Chinese IP address.

The Ubuntu community had to yank five of the eight Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after discovering that the servers had been hijacked and were attacking other machines.

It was suggested during an IRC (Internet relay chat) meeting of the Ubuntu colocation team Aug. 14 that the source of the troubles might have been a Chinese IP address trying to log onto the servers by brute force "for a long time now it seems," said a participant.

On Aug. 14, the community began to bring the machines back up in a safe state so that they could recover data from them. Unfortunately, according to Ubuntu Community Manager Jono Bacon, the servers were all found to be out of date, stuffed with Web software, and missing security patches—at least in the instances where it was easy to determine what version they're running.

"An attacker could have gotten a shell through almost any of these sites," Bono wrote in a posting, regarding a change to location server policy that resulted from the incident. 

Ubuntu Servers Hijacked, Used to Launch Attack

ttfn

David