did this person use the ssh exploit that red hat found a few months ago? On Fri, Oct 24, 2008 at 9:22 AM, Nifty niftyompi Mitch < [EMAIL PROTECTED]> wrote:
> On Fri, Oct 24, 2008 at 05:39:17AM +0200, B. Vincent Diepeveen wrote: > ..... > > hi Joe, > > > > Thanks for your post. Very interesting to see all this. Especially the > > summary on what the > > hacker tried. > > > > Note i was quite amazed that you mentioned Rocks distribution getting > > used with you. > > A few weeks ago i grabbed latest Rocks with the idea to install it for my > > 1 node cluster. > > Both attempted with and without quadrics QM400 card. > ........ > > > > Now you post here a big story on how your Rocks got hacked. Do i > > conclude it correctly the > > problem is that you ran a default Rocks kernel? > > > The issue is not a ROCKS issue, it is a Linux and system admin issue. > ` > Recall that ROCKS is based on CentOS/RHEL need have no more > and no less out of the box security issues than they do. > > Over time the list of patches for both grows and grows... > > The subtle issue is one we all need to take to heart as we build > constraints into our environment and make changes to accommodate the > community needs. Then there are the foibles of users in general. > Each constraint keeps us from patching or updating one thing or another > and eventually opens a risk. > > As Joe's blog notes the hackers hacked their way into the system via > a valid account and then began a systematic attack of all the cracks > and hacks that they can get their hands on. The suite of tool kits is > relentless in that no attack or vector gets forgotten out on the net. > > Great tools like ROCKS, give a lot and also add some constraints > that over time may be a primary, secondary, .... or ....ary problem > in the dependency tree that opens the crack the hackers need. > > In general the most common hacks depend on common user errors > to get them started. > > -- > T o m M i t c h e l l > Found me a new hat, now what? > > _______________________________________________ > Beowulf mailing list, Beowulf@beowulf.org > To change your subscription (digest mode or unsubscribe) visit > http://www.beowulf.org/mailman/listinfo/beowulf > -- Jonathan Aquilina
_______________________________________________ Beowulf mailing list, Beowulf@beowulf.org To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
