[Gluster-infra] Firewall added on jenkins master

Michael Scherer mscherer at redhat.com
Mon Nov 9 19:14:42 UTC 2015

Le lundi 09 novembre 2015 à 19:20 +0100, Michael Scherer a écrit :
> Hi,
> following
> http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ ,
> I decided to take a closer look at the jenkins server.
> And 
> 1) there is a "few" update waiting for (just 300 of them...)
> 2) running update fill the space on the disk (hence why it was not
> running)
> 3) the firewall was removed (I have added it back)
> 4) selinux is disabled. Not even enforced, disabled.
> So I am gonna mitigate the exploit right now, adding filtering and take
> a closer look on that server for potential compromise. I might have to
> reboot it to enable selinux, etc.

So the reboot is taking longer than planned. I am not sure if it is
stopped or rebooting however (could be just the fsck over data).

Michael Scherer
Sysadmin, Community Infrastructure and Platform, OSAS

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://www.gluster.org/pipermail/gluster-infra/attachments/20151109/9e687e05/attachment.sig>

More information about the Gluster-infra mailing list