From humberto at hpcf.upr.edu Thu Jul 13 15:17:24 2006 From: humberto at hpcf.upr.edu (Humberto Ortiz Zuazaga) Date: Thu Jul 13 15:17:23 2006 Subject: [sysadmin] Re: Pregunta In-Reply-To: <44B67E85.8000805@hpcf.upr.edu> References: <44B67E85.8000805@hpcf.upr.edu> Message-ID: <44B69C44.70306@hpcf.upr.edu> Ramon Sierra wrote: > Humberto, > > si la lista de sysadmin esta siendo publicada al internet, ya que > segun le cuenta su hermano vio varios e-mails publicados cuando hizo > un search en google. Umm, sysadmin es completamente publica. Cualquiera se puede subscribir, y cualquiera puede leer los archives. http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin http://lists.hpcf.upr.edu/pipermail/sysadmin/ Ahi estan todos los email que se enviaron a la lista, chistes mongos, peleas, y avisos de interrupciones. Todo esta grabado para la posteridad. -- Humberto Ortiz-Zuazaga Programmer-Archaeologist UPR Bioinformatics Resource Center http://www.hpcf.upr.edu/~humberto/ From humberto at hpcf.upr.edu Thu Jul 13 15:22:59 2006 From: humberto at hpcf.upr.edu (Humberto Ortiz Zuazaga) Date: Thu Jul 13 15:22:59 2006 Subject: [sysadmin] [Fwd: Debian Server restored after Compromise] Message-ID: <44B69D93.4020605@hpcf.upr.edu> The attached email describes how a user account on one of the Debian project servers was brute forced and then leveraged into a root account using a recent kernel vulnerability. We recently ran jack the ripper on several of our machines and locked out some passwords that were relatively weak. We continue to see many ssh attempts to brute force passwords on our servers, watch your logs and make sure all your users have strong passwords. -- Humberto Ortiz-Zuazaga Programmer-Archaeologist UPR Bioinformatics Resource Center http://www.hpcf.upr.edu/~humberto/ -------------- next part -------------- An embedded message was scrubbed... From: Martin Schulze Subject: Debian Server restored after Compromise Date: Thu, 13 Jul 2006 19:54:52 +0200 Size: 6832 Url: /pipermail/sysadmin/attachments/20060713/5e080ab4/DebianServerrestoredafterCompromise.mht From ElielMelon at cprs.rcm.upr.edu Thu Jul 13 15:37:54 2006 From: ElielMelon at cprs.rcm.upr.edu (=?iso-8859-1?Q?=22Eliel_Mel=F3n_Ramos=22?=) Date: Thu Jul 13 15:38:05 2006 Subject: [sysadmin] [Fwd: Debian Server restored after Compromise] Message-ID: <5B6D37E9728ABB41B8122E036AF80210DFBF78@cprssrv1.rcm.upr.edu> Thanks for the information Humberto. Eliel Mel?n Ramos MBA - Technology Management BS - Computational Mathematics Director System Information Unit College of Health Related Professions Medical Sciences Campus University of Puerto Rico Tel. 787-758-2525 Ext. 4100 Fax. 787-759-3695 Email: elielmelon@cprs.rcm.upr.edu -----Original Message----- From: sysadmin-bounces@lists.hpcf.upr.edu [mailto:sysadmin-bounces@lists.hpcf.upr.edu] On Behalf Of Humberto Ortiz Zuazaga Sent: Thursday, July 13, 2006 3:23 PM To: sysadmin@lists.hpcf.upr.edu; staff@hpcf.upr.edu Subject: [sysadmin] [Fwd: Debian Server restored after Compromise] The attached email describes how a user account on one of the Debian project servers was brute forced and then leveraged into a root account using a recent kernel vulnerability. We recently ran jack the ripper on several of our machines and locked out some passwords that were relatively weak. We continue to see many ssh attempts to brute force passwords on our servers, watch your logs and make sure all your users have strong passwords. -- Humberto Ortiz-Zuazaga Programmer-Archaeologist UPR Bioinformatics Resource Center http://www.hpcf.upr.edu/~humberto/ From humberto at hpcf.upr.edu Fri Jul 28 14:48:34 2006 From: humberto at hpcf.upr.edu (Humberto Ortiz Zuazaga) Date: Fri Jul 28 14:48:09 2006 Subject: [sysadmin] Today is SysAdmin apreciation day. Message-ID: <44CA5C02.9020707@hpcf.upr.edu> A big hug to all our sysadmins on our day: http://www.sysadminday.com/ may no system crash -- Humberto Ortiz-Zuazaga Programmer-Archaeologist UPR Bioinformatics Resource Center http://www.hpcf.upr.edu/~humberto/