Any network/security admins feeling extra tired this week?

Discussion in 'Archived Threads 2001-2004' started by John Stone, Jun 28, 2002.

  1. John Stone

    John Stone Supporting Actor

    Joined:
    Aug 5, 2001
    Messages:
    680
    Likes Received:
    0
    Trophy Points:
    0
    I sure am. Remote root exploits have been announced within the last few weeks for several of the most widely used DMZ network services: Apache, OpenSSH, and now the resolver libraries used in the nearly ubiquitous ICS BIND (among other things). It's been crazy trying to get all the servers I'm responsible for updated without breaking anything or causing loss of service. Unfortunately I think we're going to see a lot of hacked systems over the next several months. I hope things calm down a little so I can take a well-deserved long weekend after the 4th.
     
  2. Shayne Lebrun

    Shayne Lebrun Screenwriter

    Joined:
    Jun 17, 1999
    Messages:
    1,086
    Likes Received:
    0
    Trophy Points:
    0
    Good. Maybe this'll reinvigorate the market for us sysadmins, and I'll get a job. :)
     
  3. Kolya

    Kolya Stunt Coordinator

    Joined:
    Mar 10, 2001
    Messages:
    91
    Likes Received:
    0
    Trophy Points:
    0
    For once, I was glad that we run Win2k/IIS. [​IMG]
     
  4. Ryan Wright

    Ryan Wright Screenwriter

    Joined:
    Jul 30, 2000
    Messages:
    1,875
    Likes Received:
    0
    Trophy Points:
    0
    John - I spent 3 hours last week updating OpenSSH on the servers I'm responsible for. Forgot to compile it with PAM support the first time around (doh!) and had to re-do it all. Not fun.
     
  5. John Stone

    John Stone Supporting Actor

    Joined:
    Aug 5, 2001
    Messages:
    680
    Likes Received:
    0
    Trophy Points:
    0
     
  6. Charles Bober

    Charles Bober Stunt Coordinator

    Joined:
    Sep 5, 1999
    Messages:
    199
    Likes Received:
    0
    Trophy Points:
    0
    I'm with ya Kolya. Maybe the market will rebound so I can finall get a job. 2 months now being unemployed and I'm going freakin' nuts.
     
  7. Micah Lloyd

    Micah Lloyd Stunt Coordinator

    Joined:
    May 27, 1999
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    0
    One of my great fears is HUP'ing the new sshd on one of my remote systems and have it fail, locking me out (especially troubling in that many of the systems I administer are 7,500 miles away...). I've learned to temporarily open telnet (with OPIE) during these updates.
     
  8. DonRoeber

    DonRoeber Screenwriter

    Joined:
    Feb 11, 2001
    Messages:
    1,849
    Likes Received:
    0
    Trophy Points:
    0
    I'm glad I purposely run an old version of ssh (the ssh1 series, the way we use it, we're not vulnerable to the attack). Having to fix all of the apache installs sucked though. Our bind is okay too, because of the way we use it.

    zlib a few months ago -really- sucked.

    There've been a bunch of unix exploits recently. For awhile, we weren't getting any, and all of the NT guys were working OT. Ah well. Maybe we'll get some new platform agnostic denial of service attack in a few months. Always good to have something like that around when the students come back.
     
  9. Ryan Wright

    Ryan Wright Screenwriter

    Joined:
    Jul 30, 2000
    Messages:
    1,875
    Likes Received:
    0
    Trophy Points:
    0
     
  10. Micah Lloyd

    Micah Lloyd Stunt Coordinator

    Joined:
    May 27, 1999
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    0
     
  11. John Stone

    John Stone Supporting Actor

    Joined:
    Aug 5, 2001
    Messages:
    680
    Likes Received:
    0
    Trophy Points:
    0
    I use a few Livingston PortMaster 2E's for serial access to most of the routers, switches, servers and IDSUs at our central office. Those PM2Es work great even after all these years. I am thinking of deploying some old laptops to some of our more remote locations for the same purpose. Nothing worse than locking yourself out of something in the middle of the night. [​IMG]
     
  12. Micah Lloyd

    Micah Lloyd Stunt Coordinator

    Joined:
    May 27, 1999
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    0
    It's amazing; those PortMasters can be picked up for under $100 on ebay... Remember what they went for new?!?
     

Share This Page