Overview : Community : Archive : Tools : Showcase

Archives


- Beowulf
- Beowulf Announce
- Scyld-users
- Beowulf on Debian

[Beowulf] Security issues

Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.

Search

Jon Aquilina eagles051387 at gmail.com
Fri Oct 24 00:57:40 PDT 2008 

did this person use the ssh exploit that red hat found a few months ago?

On Fri, Oct 24, 2008 at 9:22 AM, Nifty niftyompi Mitch <
niftyompi at niftyegg.com> wrote:

> On Fri, Oct 24, 2008 at 05:39:17AM +0200, B. Vincent Diepeveen wrote:
> .....
> > hi Joe,
> >
> > Thanks for your post. Very interesting to see all this. Especially the
> > summary on what the
> > hacker tried.
> >
> > Note i was quite amazed that you mentioned Rocks distribution getting
> > used with you.
> > A few weeks ago i grabbed latest Rocks with the idea to install it for my
> > 1 node cluster.
> > Both attempted with and without quadrics QM400 card.
> ........
> >
> > Now you post here a big story on how your Rocks got hacked. Do i
> > conclude it correctly the
> > problem is that you ran a default Rocks kernel?
>
>
> The issue is not a ROCKS issue, it is a Linux and system admin issue.
> `
> Recall that ROCKS is based on CentOS/RHEL need have no more
> and no less out of the box security issues than they do.
>
> Over time the list of patches for both grows and grows...
>
> The subtle issue is one we all need to take to heart as we build
> constraints into our environment and make changes to accommodate the
> community needs.   Then there are the foibles of users in general.
> Each constraint keeps us from patching or updating one thing or another
> and eventually opens a risk.
>
> As Joe's blog notes the hackers hacked their way into the system via
> a valid account and then began a systematic attack of all the cracks
> and hacks that they can get their hands on.   The suite of tool kits is
> relentless in that no attack or vector gets forgotten out on the net.
>
> Great tools like ROCKS, give a lot and also add some constraints
> that over time may be a primary, secondary, .... or ....ary problem
> in the dependency tree that opens the crack the hackers need.
>
> In general the most common hacks depend on common user errors
> to get them started.
>
> --
>        T o m  M i t c h e l l
>        Found me a new hat, now what?
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
>



-- 
Jonathan Aquilina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.scyld.com/pipermail/beowulf/attachments/20081024/8f5539ea/attachment.html

More information about the Beowulf mailing list

Home | Overview | Community | Archive | Tools | Showcase

Copyright © 2004 Beowulf.org. All Rights Reserved.