[Beowulf] Security issues
Jon Aquilina
eagles051387 at gmail.com
Fri Oct 24 00:57:40 PDT 2008
did this person use the ssh exploit that red hat found a few months ago?
On Fri, Oct 24, 2008 at 9:22 AM, Nifty niftyompi Mitch <
niftyompi at niftyegg.com> wrote:
> On Fri, Oct 24, 2008 at 05:39:17AM +0200, B. Vincent Diepeveen wrote:
> .....
> > hi Joe,
> >
> > Thanks for your post. Very interesting to see all this. Especially the
> > summary on what the
> > hacker tried.
> >
> > Note i was quite amazed that you mentioned Rocks distribution getting
> > used with you.
> > A few weeks ago i grabbed latest Rocks with the idea to install it for my
> > 1 node cluster.
> > Both attempted with and without quadrics QM400 card.
> ........
> >
> > Now you post here a big story on how your Rocks got hacked. Do i
> > conclude it correctly the
> > problem is that you ran a default Rocks kernel?
>
>
> The issue is not a ROCKS issue, it is a Linux and system admin issue.
> `
> Recall that ROCKS is based on CentOS/RHEL need have no more
> and no less out of the box security issues than they do.
>
> Over time the list of patches for both grows and grows...
>
> The subtle issue is one we all need to take to heart as we build
> constraints into our environment and make changes to accommodate the
> community needs. Then there are the foibles of users in general.
> Each constraint keeps us from patching or updating one thing or another
> and eventually opens a risk.
>
> As Joe's blog notes the hackers hacked their way into the system via
> a valid account and then began a systematic attack of all the cracks
> and hacks that they can get their hands on. The suite of tool kits is
> relentless in that no attack or vector gets forgotten out on the net.
>
> Great tools like ROCKS, give a lot and also add some constraints
> that over time may be a primary, secondary, .... or ....ary problem
> in the dependency tree that opens the crack the hackers need.
>
> In general the most common hacks depend on common user errors
> to get them started.
>
> --
> T o m M i t c h e l l
> Found me a new hat, now what?
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
>
--
Jonathan Aquilina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20081024/8f5539ea/attachment.html>
More information about the Beowulf
mailing list