Hi,
since we want to move towards handling security problems in a proactive
way, like this is done by
many site security officers, we should forward this question to the
site security people on the larger sites and ask how
they handle attempted break-ins.
I'll do this at CERN.
markus "they already reinvented the wheel and
called it best practice" schulz
On Tuesday, Aug 17, 2004, at 16:11 Europe/Zurich, Jeff Templon wrote:
> Hi,
>
> just FYI, we've seen the same thing. Only on tbn18 (our CE)
> if I recall correctly.
>
> JT
>
> On Tue, 2004-08-17 at 15:13, Henry Nebrensky wrote:
>> Since the start of this month we've had bursts of people trying to ssh
>> into our Grid nodes. trying the obvious accounts (guest, test, admin,
>> root
>> etc.) Are these sort of events to be reported to someone in the
>> LCG/GOC
>> hierarchies, or only "successful" penetrations?
>>
>> Henry
>>
>> --
>> Dr. Henry Nebrensky [log in to unmask]
>> http://www.brunel.ac.uk/~eesrjjn
>> "The opossum is a very sophisticated animal.
>> It doesn't even get up until 5 or 6 p.m."
>
>
************************************************************************
*******
Markus Schulz
CERN IT
|