[volunteergrid2-l] I'm sorry, but Introducer furl leaked
Shawn Willden
shawn at willden.org
Wed Mar 7 18:37:43 UTC 2012
Gratch is on the new introducer.
On Wed, Mar 7, 2012 at 10:57 AM, Jody Harris <jharris at harrisdev.com> wrote:
> New introducer.furl published to wiki.
>
> jody
>
> ----
> Ph. 575-208-4567
> - Think carefully.
>
>
>
> On Wed, Mar 7, 2012 at 9:33 AM, Shawn Willden <shawn at willden.org> wrote:
>
>> I was also waiting for someone else to respond :-)
>>
>> Yes, we should probably do the introducer shuffle again. It went pretty
>> smoothly last time.
>>
>> On Wed, Mar 7, 2012 at 8:20 AM, Steve Dodson <steve.dodson at gmail.com>wrote:
>>
>>> It doesn't bother me a bit to switch; whatever needs to be done to keep
>>> the grid happily chugging along. ;-P
>>>
>>>
>>> On 03/07/2012 07:02 AM, Jody Harris wrote:
>>>
>>>> I think we're all waiting for someone else to chime in.
>>>>
>>>> j
>>>> ----
>>>> Ph. 575-208-4567
>>>> - Think carefully.
>>>>
>>>>
>>>>
>>>> On Wed, Mar 7, 2012 at 6:34 AM, <sabotrax at gmail.com
>>>> <mailto:sabotrax at gmail.com>> wrote:
>>>>
>>>> hi,
>>>> i sent this mail to the ml yesterday, but i didn't come through, so i
>>>> resend it as a reply:
>>>>
>>>> Hi all,
>>>> it seems as if my server who is running tahoe has been hacked.
>>>> i hate to say this, but i think the introducer furl has to be
>>>> changed again.
>>>>
>>>> i just looked around my system when i saw a new dir "test" under
>>>> "/home" that has been created on 2012/02/21.
>>>> i then did:
>>>>
>>>> root at foo:/home# lsof |grep test
>>>> bash 1458 test cwd DIR 0,18 460
>>>> 6108855 /run/shm/ / /bot
>>>> bash 1458 test rtd DIR 8,1 4096
>>>> 2 /
>>>> bash 1458 test txt REG 0,18 492135
>>>> 6108126 /run/shm/ / /bot/bash
>>>> bash 1458 test mem REG 8,1 79712
>>>> 14811193 /lib32/libresolv-2.13.so <
>>>> http://libresolv-2.13.so>
>>>>
>>>> bash 1458 test mem REG 8,1 46736
>>>> 14811192 /lib32/libnss_files-2.13.so
>>>> <http://libnss_files-2.13.so>
>>>>
>>>> bash 1458 test mem REG 8,1 1532104
>>>> 14811189 /lib32/libc-2.13.so <http://libc-2.13.so>
>>>>
>>>> bash 1458 test mem REG 8,1 22092
>>>> 14811194 /lib32/libnss_dns-2.13.so <
>>>> http://libnss_dns-2.13.so>
>>>>
>>>> bash 1458 test mem REG 8,1 126152
>>>> 14811196 /lib32/ld-2.13.so <http://ld-2.13.so>
>>>>
>>>> bash 1458 test 0w REG 0,18 2153806
>>>> 6108891 /run/shm/ / /bot/LinkEvents
>>>> bash 1458 test 1u sock 0,7 0t0
>>>> 85480587 can't identify protocol
>>>> bash 1458 test 2u sock 0,7 0t0
>>>> 85479769 can't identify protocol
>>>> bash 1458 test 3u IPv4 6108142 0t0
>>>> UDP *:49486
>>>> bash 1458 test 4u sock 0,7 0t0
>>>> 85481277 can't identify protocol
>>>> bash 1458 test 5u sock 0,7 0t0
>>>> 85698092 can't identify protocol
>>>> bash 1458 test 6u sock 0,7 0t0
>>>> 85498612 can't identify protocol
>>>> bash 1458 test 7u sock 0,7 0t0
>>>> 85576571 can't identify protocol
>>>> bash 1458 test 8u sock 0,7 0t0
>>>> 86667704 can't identify protocol
>>>> bash 1458 test 9u sock 0,7 0t0
>>>> 86667741 can't identify protocol
>>>> bash 1458 test 10u sock 0,7 0t0
>>>> 86669526 can't identify protocol
>>>> bash 1458 test 11u sock 0,7 0t0
>>>> 86669303 can't identify protocol
>>>> bash 1458 test 12u sock 0,7 0t0
>>>> 86671788 can't identify protocol
>>>> bash 1458 test 13u sock 0,7 0t0
>>>> 86670345 can't identify protocol
>>>> bash 1458 test 14u IPv4 89167118 0t0
>>>> TCP foo.cyberdeck.null:38455->161.53.178.240:irc**d
>>>> (SYN_SENT)
>>>> bash 1458 test 15u sock 0,7 0t0
>>>> 86671794 can't identify protocol
>>>> bash 1458 test 16u sock 0,7 0t0
>>>> 86707925 can't identify protocol
>>>> bash 1458 test 17u sock 0,7 0t0
>>>> 87574595 can't identify protocol
>>>> bash 1458 test 18u IPv4 89167113 0t0
>>>> TCP
>>>> foo.cyberdeck.null:49523->173.245.201.28
>>>> <tel:173.245.201.28>:afs3-fileserver (SYN_SENT)
>>>>
>>>> root at foo:/home# halt
>>>> W: molly-guard: SSH session detected!
>>>> Please type in hostname of the machine to halt: foo
>>>>
>>>> An alle Benutzer verteilte Nachricht von undo at foo
>>>> (/dev/pts/0) um 16:24 ...
>>>>
>>>> Das System wird sich JETZT zum Anhalten herunterfahren!
>>>>
>>>> ---
>>>>
>>>> looks like my box has been a proud member of some botnet for the
>>>> last two weeks.
>>>> atm i really don't know how this could have happened. i just wanted
>>>> to
>>>> tell you guys as fast as possible.
>>>>
>>>> greetings,
>>>> marcus
>>>>
>>>> 2012/3/5 Shawn Willden <shawn at willden.org <mailto:shawn at willden.org
>>>> >>:
>>>>
>>>> > Yup, I can see sabotrax.
>>>> >
>>>> > I think that's everyone, isn't it?
>>>> >
>>>> >
>>>> > On Mon, Mar 5, 2012 at 8:13 AM, <sabotrax at gmail.com
>>>> <mailto:sabotrax at gmail.com>> wrote:
>>>> >>
>>>> >> hi,
>>>> >> i just changed the introducer and restartet tahoe.
>>>> >> is my node kqyu52 connected? i'm just asking because i don't see
>>>> it
>>>> >> from another box that's located in the same local net (but that
>>>> could
>>>> >> be a routing issue).
>>>> >>
>>>> >> thanks
>>>> >>
>>>> >> 2012/3/3 Shawn Willden <shawn at willden.org
>>>> <mailto:shawn at willden.org>>:
>>>>
>>>> >> > 14 nodes on the new introducer FURL now! Only one or two
>>>> haven't
>>>> >> > migrated.
>>>> >> >
>>>> >> >
>>>> >> > On Fri, Mar 2, 2012 at 4:15 PM, Christoph Langguth
>>>> >> > <christoph at rosenkeller.org <mailto:christoph at rosenkeller.**org<christoph at rosenkeller.org>
>>>> >>
>>>>
>>>> wrote:
>>>> >> >>
>>>> >> >> Wow!
>>>> >> >>
>>>> >> >> I'm absolutely amazed of you people here.
>>>> >> >>
>>>> >> >> It's been exactly 24 hours since we had a "911 call" on this
>>>> list, with
>>>> >> >> people distributed around the globe.
>>>> >> >>
>>>> >> >> Within these 24 hours, we have managed to "migrate" 2/3 of the
>>>> >> >> infrastructure, maintained by almost 20 people, to a different
>>>> >> >> location. And
>>>> >> >> I'm sure that the rest of the maintainers will follow within
>>>> a few
>>>> >> >> hours (or
>>>> >> >> when they read their mails.... jeez, it's weekend after all!).
>>>> >> >>
>>>> >> >> Quoting Jody, and in big letters:
>>>> >> >> YOU ARE AWESOME!
>>>> >> >>
>>>> >> >> Thanks! ;-)
>>>> >> >> -- Chris
>>>> >> >>
>>>> >> >>
>>>> >> >>
>>>> >> >> Am 01.03.2012 23:55, schrieb slush:
>>>> >> >>
>>>> >> >>> Hi all,
>>>> >> >>>
>>>> >> >>> I had deep-check cronjob on the same machine which has been
>>>> hacked
>>>> >> >>> today (see
>>>> >> >>>
>>>> >> >>>
>>>> http://bitcoinmedia.com/**compromised-linode-coins-**
>>>> stolen-from-slush-faucet-and-**others/<http://bitcoinmedia.com/compromised-linode-coins-stolen-from-slush-faucet-and-others/>
>>>> ).
>>>> >> >>> Although it looks like attackers come just for my bitcoins,
>>>> they had
>>>> >> >>> also access to tahoe config, so we should expect that
>>>> introducer furl
>>>> >> >>> leaked as well. How we should resolve this issue?
>>>> >> >>>
>>>> >> >>> Best,
>>>> >> >>> slush
>>>> >> >>> ______________________________**_________________
>>>> >> >>> volunteergrid2-l mailing list
>>>> >> >>> volunteergrid2-l at tahoe-lafs.**org<volunteergrid2-l at tahoe-lafs.org>
>>>> <mailto:volunteergrid2-l@**tahoe-lafs.org<volunteergrid2-l at tahoe-lafs.org>
>>>> >
>>>>
>>>> >> >>> http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**
>>>> volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> >> >>> http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>> >> >>
>>>> >> >>
>>>> >> >>
>>>> >> >>
>>>> >> >> ______________________________**_________________
>>>> >> >> volunteergrid2-l mailing list
>>>> >> >> volunteergrid2-l at tahoe-lafs.**org<volunteergrid2-l at tahoe-lafs.org>
>>>> <mailto:volunteergrid2-l@**tahoe-lafs.org<volunteergrid2-l at tahoe-lafs.org>
>>>> >
>>>>
>>>> >> >> http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**
>>>> volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> >> >> http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > --
>>>> >> > Shawn
>>>> >> >
>>>> >> > ______________________________**_________________
>>>> >> > volunteergrid2-l mailing list
>>>> >> > volunteergrid2-l at tahoe-lafs.**org<volunteergrid2-l at tahoe-lafs.org>
>>>> <mailto:volunteergrid2-l@**tahoe-lafs.org<volunteergrid2-l at tahoe-lafs.org>
>>>> >
>>>>
>>>> >> > http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**
>>>> volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> >> > http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>> >>
>>>> >>
>>>> >>
>>>> >> --
>>>> >> Give us this day our garlic bread and lead us not into
>>>> vegetarianism
>>>> >> but deliver us some pizza.
>>>> >> ______________________________**_________________
>>>> >> volunteergrid2-l mailing list
>>>> >> volunteergrid2-l at tahoe-lafs.**org<volunteergrid2-l at tahoe-lafs.org>
>>>> <mailto:volunteergrid2-l@**tahoe-lafs.org<volunteergrid2-l at tahoe-lafs.org>
>>>> >
>>>>
>>>> >> http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**
>>>> volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> >> http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > --
>>>> > Shawn
>>>> >
>>>> > ______________________________**_________________
>>>> > volunteergrid2-l mailing list
>>>> > volunteergrid2-l at tahoe-lafs.**org<volunteergrid2-l at tahoe-lafs.org>
>>>> <mailto:volunteergrid2-l@**tahoe-lafs.org<volunteergrid2-l at tahoe-lafs.org>
>>>> >
>>>>
>>>> > http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**
>>>> volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> > http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>>
>>>>
>>>>
>>>> --
>>>> Give us this day our garlic bread and lead us not into vegetarianism
>>>> but deliver us some pizza.
>>>> ______________________________**_________________
>>>> volunteergrid2-l mailing list
>>>> volunteergrid2-l at tahoe-lafs.**org <volunteergrid2-l at tahoe-lafs.org><mailto:
>>>> volunteergrid2-l@**tahoe-lafs.org <volunteergrid2-l at tahoe-lafs.org>>
>>>>
>>>> http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>>
>>>>
>>>>
>>>>
>>>> ______________________________**_________________
>>>> volunteergrid2-l mailing list
>>>> volunteergrid2-l at tahoe-lafs.**org <volunteergrid2-l at tahoe-lafs.org>
>>>> http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>>> http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>>
>>>
>>> --
>>>
>>> soli Deo gloria
>>>
>>> ______________________________**_________________
>>> volunteergrid2-l mailing list
>>> volunteergrid2-l at tahoe-lafs.**org <volunteergrid2-l at tahoe-lafs.org>
>>> http://tahoe-lafs.org/cgi-bin/**mailman/listinfo/**volunteergrid2-l<http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l>
>>> http://bigpig.org/twiki/bin/**view/Main/WebHome<http://bigpig.org/twiki/bin/view/Main/WebHome>
>>>
>>
>>
>>
>> --
>> Shawn
>>
>> _______________________________________________
>> volunteergrid2-l mailing list
>> volunteergrid2-l at tahoe-lafs.org
>> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
>> http://bigpig.org/twiki/bin/view/Main/WebHome
>>
>
>
> _______________________________________________
> volunteergrid2-l mailing list
> volunteergrid2-l at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
> http://bigpig.org/twiki/bin/view/Main/WebHome
>
--
Shawn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/cgi-bin/mailman/private/volunteergrid2-l/attachments/20120307/000a8471/attachment-0001.html>
More information about the volunteergrid2-l
mailing list