[auton-users] UX10 & UX12 break-ins

Dan Pelleg dpelleg+ at cs.cmu.edu
Wed Apr 9 21:31:41 EDT 2003


SCS facilities have recently announced a password sniffing incident
affecting users of UX10 and UX12. The notice is posted below. If you
"finger" a CS user you will see their maildrop machine, inside square
brackets. I know of at least two lab members with accounts on these
machines.

As a precaution, I am disabling SSH access for these people. The logs
indicate they haven't logged in recently anyway so this is only a minor
inconvenience for them. If you are affected, contact admin at autonlab.org to
have your AUTON password changed. Mention any information you received from
facilities that is not shown below.

Please mention if you used the same password in other places. In
particular, if you used it for root access to your own desktop machine, we
should notify all the other users of the machine and possibly have them
change their passwords too. Note that since many machines we use allow
access to all of us, you may be indirectly affected even if you're not a
user of UX10 or UX12.

This is a good time to remind people to use different passwords for
different systems. I recommend using a password manager to keep track of
all your passwords. Personally, I use one on my PDA. If anyone has
recommendations for something that runs on standard UNIX, offers strong
encryption for the stored passwords, and is easy to use, please post them.


--------------------
 
UX10.SP.CS.CMU.EDU and UX12.SP.CS.CMU.EDU were both broken into.  As a 
result, those hosts were removed from the network so they could be 
re-installed and secured.  They should be back in service sometime on 
Wednesday evening. 
 
The intruder(s) installed a password sniffer that was capable of bypassing  
some of the normal encryption mechanisms used to protect against such  
snooping. We have disabled those SCS Kerberos passwords that are known to  
be compromised.  Mail has been sent to people affected, since many of them  
are still able to read their e-mail via POP.  If you have problems using 
your password, or using UX10 or UX12, please contact the SCS Help Desk 
at x8-4231 (M-F, 9-5).

--------------------


