[4eyes] IP Addresses / Vulnerabilities

[John O'Donovan]

Hi Everyone,
We have had a number of vulnerability reports with lab machines over
the last few months.   Instead of the current "where's waldo" approach
to finding offending machines, it would be more efficient to have a
centralized list to check (as Matthew pointed out yesterday).

If people send me their IP addresses and machine name, I will collate
and maintain the list, in a non web-based, secure manner!.  If you are
concerned about emailing your IP, you can give it in person.   If you
have a laptop that you use frequently through wireless in the lab, the
mac address might be useful too, since these laptops will share a
common external IP.   (Please don't "reply all" with this data)

I'm sure everyone is aware of the following already, but as a reminder
(to myself also!  )
To avoid vulnerability reports and potential hacking, we can check
that all of our machines have latest OS updates, firewalls, up to date
antivirus software and definitions, and that any web accessible
service is always the latest version.  Vulnerabilities are common with
services such as Apache / PHP / FTP / MYSQL and anything else with a
port open to the Internet.   Any of these services should be
configured properly with strong passwords and only local access to
"root privilege" accounts  (e.g:  root@'%' == bad).


Thanks!

-John


-- 
John O'Donovan, PhD
Research Scientist
Four Eyes Lab
Department of Computer Science
University of California, Santa Barbara, CA 93106-5110

email: jod at cs.ucsb.edu
phone: (805)451-9342