[Beowulf] Security issues
kilian.cavalotti.work at gmail.com
Fri Oct 24 01:55:54 PDT 2008
Jon Aquilina wrote:
> did this person use the ssh exploit that red hat found a few months ago?
Apparently not. From what Joe wrote, "the entry point was via a shared
user account". This account has been compromised, either with
brute-force ssh login attempts, or was socially engineered, it's not clear.
Nothing seems to indicate (as far as I can tell) that the entry point
was due to some weakness in one of the Rocks components. I second Mitch
in saying that this break-in isn't Rocks specific, but rather the result
of poor (lack of?) administration practices (especially from what I
could read here: http://scalability.org/?p=905, and assuming it's about
the same customer).
On the other hand, it's true that Rocks' philosophy (which I'm not a big
proponent of) doesn't make updates easy, nor encourage keeping systems
up-to-date. It tends to focus on the Windowsian "reinstall the whole
machine" approach in case of problem. Which makes perfect sense in
specific contexts, where no dedicated administration resources are
available, or where compute time is critical and understanding the root
cause of technical problems not so important.
But this can also lead to the kind of security problem Joe described,
even if here, I don't think one can blame any of the system's component
being outdated for this intrusion.
More information about the Beowulf