[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ecf-dev] ecf2.osuosl.org
- From: Markus Alexander Kuppe <ecf-dev_eclipse.org@xxxxxxxxxxx>
- Date: Wed, 01 Dec 2010 19:55:59 +0100
- Delivered-to: firstname.lastname@example.org
- User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:220.127.116.11) Gecko/20101027 Lightning/1.0b2 Thunderbird/3.1.6
On 11/29/2010 07:31 PM, Scott Lewis wrote:
> Hi Folks,
> This morning the OSU Open Source lab is apparently experiencing an ssh
> attack (i.e. to all machines *.osuosl.org).
> One of the machines in that domain is ecf2.osuosl.org. ecf2 was
> formerly our build machine...about two weeks ago Markus K completed the
> move of ecf2.osuosl.org to the new machine  and .
> Since ecf2 is a fairly old system, it is probably somewhat more
> vulnerable to compromise from this ssh attack (older OS version)...so we
> are going to ask that if the OSU OSL admins want to, that they can shut
> this machine down temporarily. This is only temporary, but it may be a
> while (e.g. week) before ecf2.osuosl.org is back up. It will, however,
> be back up eventually.
> Please let everyone know via this list if this creates a problem for
> you. In general, everyone should be migrating over to using  for
> accessing ECF build artifacts, but I realize that some may not have
> completed such a changeover.
As a precaution, ecf2.osuosl.org has been taken down now. Nothing
indicated a security break in, but we want to be on the safe side.
It's going to take a while before the machine is going to be online
again. The OSU admins have to find time to reinstall the box with a
recent Linux (Gentoo).