Big Bad Beowulfs Again

dwight dwight at supercomputer.org
Sun May 14 12:23:27 PDT 2000


Gerry Creager N5JXS wrote:

>
>
> We still get hit, but we take a proactive role in security here at
> TAMU.  (That's not an invitation, OK?)... When I got hit by a wu-ftpd
> buffer overflow intrusion about a year ago, the penetration was thru 2
> @HOME.com machines that had absolutely nothing done for hardening
> following installation of stock RedHat.  This is a valid hole.  And I'll
> concede that enough University environments don't attempt to tighten up
> their systems to make .edu a real potential vulnerabilty as well.
>

IMHO anyone who uses wu-ftpd shouldn't complain about being hit;
it has had well-known security problems in the past, and I don't believe
anyone's ever signed off on a proper security audit of it.

You raise an important point though; and while it's not directly related
to Beowulfs, it does pertain to many on this list, so I'll take the liberty
of addressing it here.

Many people are under the wrong impression about DHCP accounts.
Their reasoning goes that if their IP address is dynamic, then they are
probably safe from attacks, as who'd be looking to attack their machine?

This is absolutely wrong. What they don't realize is that they are a PRIME
target for attacks.

The reason being is that the majority of such users believe that their
"anonymity" helps keep them safe (or they are completely clueless about
these matters), and so they don't bother with paying attention to security.
Hence they are an easy target;  and if an attacker is lucky, perhaps the LEOs
will pin the blame on the poor fool who was simply surfing the web.

I have actually seen penetration attempts myself on a DHCP account; and
I have other friends in the security biz who have also. And I'm speaking
of the common cable, dial-up, etc., standard ISP accounts that people use.

Most of the amateurs still try to roll the static IP's; but the really talented ones
have added the easier pickings to their lists.

Best Regards,

    -dwight-

---------------------------------------------------------------------------
The Beowulf Mailing list archives can now be searched by visiting:
        http://www.supercomputer.org/Search/
The Calendar of Events in supercomputering can be found at:
        http://www.supercomputer.org/calendar/







More information about the Beowulf mailing list