From humberto at hpcf.upr.edu Tue Nov 3 07:42:55 2009 From: humberto at hpcf.upr.edu (Humberto Ortiz Zuazaga) Date: Tue, 03 Nov 2009 08:42:55 -0400 Subject: [sysadmin] Interesting analysis of the costs to brute force passwords. Message-ID: <4AF0254F.5060206@hpcf.upr.edu> http://news.electricalchemy.net/2009/10/password-cracking-in-cloud-part-5.html Take home message. 8 character passwords are too short. 12 character passwords are OK. 10 characters are OK if you mix uppper and lower case letters, numbers and symbols. Note: this is different from dictionary attacks. This was a brute force attack on encrypted .zip files. -- Humberto Ortiz-Zuazaga Programmer-Archaeologist UPR High Performance Computing facility http://www.hpcf.upr.edu/~humberto/ From humberto at hpcf.upr.edu Tue Nov 3 07:47:46 2009 From: humberto at hpcf.upr.edu (Humberto Ortiz Zuazaga) Date: Tue, 03 Nov 2009 08:47:46 -0400 Subject: [sysadmin] Compromise of www.hpcf.upr.edu Message-ID: <4AF02672.3030202@hpcf.upr.edu> Last week we found www.hpcf.upr.edu had been compromised. Advertisements for pharmaceutical products had been placed on our server. The machine had been root compromised, and has been installed from scratch and (most) of the content restored from backups. The machine had a user account broken into, we don't know if it was brute forced or exploited a web application. The user then obtained root via privilege escalation. Check your server logs. -- Humberto Ortiz-Zuazaga Programmer-Archaeologist UPR High Performance Computing facility http://www.hpcf.upr.edu/~humberto/ From jose.quinones9 at upr.edu Thu Nov 5 11:37:23 2009 From: jose.quinones9 at upr.edu (Jose L Quinones Borrero) Date: Thu, 5 Nov 2009 12:37:23 -0400 Subject: [sysadmin] Antivirus para Windows 2008 Message-ID: <6b5ebdcb0911050837w57627439xf593afea1e3c4b4e@mail.gmail.com> Alguien tiene la version de SEP 11 que instala en Windows 2008? -- -- Jos? L. Qui?ones-Borrero, B.S. Director Center for Informatics and Technology School of Medicine - Medical Sciences Campus University of Puerto Rico Tel 787.758.2525 x.1980,1550 Fax: 787.763.3641 E-mail: jose.quinones9 at upr.edu Web: http://cit.md.rcm.upr.edu/ Certifications: MCP, MCSA, MCTS, MCITP, MCT, C|EH , C|EI, Security + Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information considered confidential and privileged. Any unauthorized review, use, copying, disclosure or distribution, in whole or in part, is prohibited. If you received this message by error, please notify the sender and Delete this e-mail from your system. Think Green! Please do not print this e-mail unless it is completely necessary. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Pablo.Rebollo at ece.uprm.edu Thu Nov 5 15:23:38 2009 From: Pablo.Rebollo at ece.uprm.edu (Pablo J. Rebollo-Sosa) Date: Thu, 05 Nov 2009 16:23:38 -0400 Subject: [sysadmin] Antivirus para Windows 2008 In-Reply-To: <6b5ebdcb0911050837w57627439xf593afea1e3c4b4e@mail.gmail.com> References: <6b5ebdcb0911050837w57627439xf593afea1e3c4b4e@mail.gmail.com> Message-ID: <4AF3344A.2030101@ece.uprm.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Saludos Jos?, He tratado de conseguir en varias ocasiones versiones m?s recientes que la maintenance release 3 (MR3) y lamentablemente no he tenido ?xito. Entiendo que la versi?n MR4 puede ser instalada en Windows server 2008 como cliente y/o ambiente de manejo. La version RU5 apoya Windows 7. Si miras el siguiente enlace encontraras los detalles de las versiones. http://service1.symantec.com/SUPPORT/ent-security.nsf/docid_p/2007121216360648 Cordialmente, Pablo J. Rebollo Jose L Quinones Borrero wrote: > Alguien tiene la version de SEP 11 que instala en Windows 2008? > > > > ------------------------------------------------------------------------ > > _______________________________________________ > sysadmin mailing list > sysadmin at lists.hpcf.upr.edu > http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkrzNEoACgkQxjU5UYZ6K6cOSgCfSmPtImKNQZ0MReC7bxRnBPzL MA8AniYTbTlVkNtyiCqkweRxK5zGkQG3 =rNzL -----END PGP SIGNATURE----- From Pablo.Rebollo at ece.uprm.edu Thu Nov 5 23:23:04 2009 From: Pablo.Rebollo at ece.uprm.edu (Pablo J. Rebollo-Sosa) Date: Fri, 06 Nov 2009 00:23:04 -0400 Subject: [sysadmin] Antivirus para Windows 2008 In-Reply-To: <6b5ebdcb0911051320t6a805fc1rc331df7687ad99be@mail.gmail.com> References: <6b5ebdcb0911050837w57627439xf593afea1e3c4b4e@mail.gmail.com> <4AF3344A.2030101@ece.uprm.edu> <6b5ebdcb0911051320t6a805fc1rc331df7687ad99be@mail.gmail.com> Message-ID: <4AF3A4A8.8080702@ece.uprm.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Saludos Jos?, Ac? en el recinto tienen la versi?n MR3. Al instalar la versi?n de manejo de clientes MR3 (SEPM), el Liveupdate actualiza el cliente de MR3 a MR4. Con esto, no deber?as tener problemas para utilizar el cliente en Windows server 2008. Nosotros hemos tenidos varios issues con las diferentes versiones de SEP. Sospecho que por eso el listado de problemas es extenso basado en los release notes. Mi recomendaci?n es tratar de utilizar la versi?n m?s reciente. Por otro lado, en estos d?as estuve coment?ndole a mis compa?eros sobre si podemos utilizar Microsoft Security Essentials en nuestra ?rea ya que hab?a visto un mensaje que me llam? la atenci?n en UNISOG. Al parecer el producto MSSE es para uso domestico. http://lists.sans.org/pipermail/unisog/2009-October/028185.html Realmente no he tenido el tiempo de buscar informaci?n adicional en relaci?n a las condiciones de MSSE. Entiendo que ma?ana viernes el recinto estar? cerrado por manifestaciones. El pr?ximo lunes le preguntar? al personal del CTI si te pueden facilitar copia del software. La mejor opci?n ser?a obtener una copia directamente de OGP. Cordialmente, Pablo J. Rebollo Jose L Quinones Borrero wrote: > Gracias, > > Ya habia verificado eso, el problema es que la version que tengo en el RCM > no es compatible. Queria saber si alguien habia conseguido ya la version > MR3 o mayor, preferiblemente la RU5 ahora que Windows 7 esta aqui. > > Para Windows 7 no hay problemas, ya que se le puede instalar el Comodo o el > nuevo Microsoft SE sin conflictos de licenciamiento. Pero para Windows 2008 > no he encontrado nada que no haya que comprar aparte de ClamAV. > > JQ > > 2009/11/5 Pablo J. Rebollo-Sosa > > Saludos Jos?, > > He tratado de conseguir en varias ocasiones versiones m?s recientes que > la maintenance release 3 (MR3) y lamentablemente no he tenido ?xito. > Entiendo que la versi?n MR4 puede ser instalada en Windows server 2008 > como cliente y/o ambiente de manejo. La version RU5 apoya Windows 7. > > Si miras el siguiente enlace encontraras los detalles de las versiones. > > > http://service1.symantec.com/SUPPORT/ent-security.nsf/docid_p/2007121216360648 > > Cordialmente, > > Pablo J. Rebollo > > Jose L Quinones Borrero wrote: >>>> Alguien tiene la version de SEP 11 que instala en Windows 2008? >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> _______________________________________________ >>>> sysadmin mailing list >>>> sysadmin at lists.hpcf.upr.edu >>>> http://lists.hpcf.upr.edu/mailman/listinfo/sysadmin >> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkrzpKgACgkQxjU5UYZ6K6dCyQCfeslhVDDtr+gEfuLJL5cVfPdk DiMAn3yTMrpG0Dy4MDX9nqSvxAXBiMx1 =jCgq -----END PGP SIGNATURE-----