[Gluster-infra] Firewall added on jenkins master
Michael Scherer
mscherer at redhat.com
Mon Nov 9 19:29:53 UTC 2015
Le lundi 09 novembre 2015 à 20:14 +0100, Michael Scherer a écrit :
> Le lundi 09 novembre 2015 à 19:20 +0100, Michael Scherer a écrit :
> > Hi,
> > following
> > http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ ,
> > I decided to take a closer look at the jenkins server.
> >
> > And
> > 1) there is a "few" update waiting for (just 300 of them...)
> > 2) running update fill the space on the disk (hence why it was not
> > running)
> > 3) the firewall was removed (I have added it back)
> > 4) selinux is disabled. Not even enforced, disabled.
> >
> > So I am gonna mitigate the exploit right now, adding filtering and take
> > a closer look on that server for potential compromise. I might have to
> > reboot it to enable selinux, etc.
>
> So the reboot is taking longer than planned. I am not sure if it is
> stopped or rebooting however (could be just the fsck over data).
And the server is back. It seemed to have crashed when booting on a new
kernel, which is weird. I will investigate later, but for now, jenkins
was updated, and so did the server, please warn if there is any issue.
--
Michael Scherer
Sysadmin, Community Infrastructure and Platform, OSAS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://www.gluster.org/pipermail/gluster-infra/attachments/20151109/3be52f0d/attachment.sig>
More information about the Gluster-infra
mailing list