[ibm-aix-ibmi-hosting] Recurring security scans - and actions to be taken.

Lance Albertson lance at osuosl.org
Tue Sep 21 19:09:26 UTC 2021


Here's the latest report we got yesterday. Can we please fix the NTP issue
and the X Server issue soon please?

Thanks!

On Wed, Aug 25, 2021 at 1:57 AM Michael Felt <aixtools at felt.demon.nl> wrote:

> * per below, mariadb is fixed.
> * in earlier convos, golang admins have indicated they will update the
> HTTP software.
> * I have opened a slack chat with ojdk infrastructure re: the active
> port 6000. The jenkins user is starting the program /usr/bin/X11/X - if
> it is needed for testing my proposal will be to block port 6000 on the
> WAN interface (leaving it open on 127.0.0.1).
>
> On 25/08/2021 05:44, Daniel Black wrote:
> > Opps, me looks up
> >
> > On Thu, Aug 19, 2021 at 6:44 AM Michael Felt <aixtools at felt.demon.nl>
> wrote:
> >> If you don't need any of the inetd services - also stop the inetd
> process.
> >>
> >> # /usr/sbin/chrctcp -S -d inetd
> >>
> >
> > On Wed, Aug 25, 2021 at 1:43 PM Daniel Black <daniel at mariadb.org> wrote:
> >> On Wed, Aug 25, 2021 at 10:09 AM Lance Albertson <lance at osuosl.org>
> wrote:
> >>> All,
> >>>
> >>> Thanks for resolving the issues as reported last week. It looks like
> all of the ntp problems have been resolved! I've attached the report from
> yesterday so everyone can see.
> >>>
> >>> However we do have a few issues left that need to be fixed. It appears
> that rexecd is running again on p8-aix1-mariadb.osuosl.org. We need to
> make sure that service is either disabled always or at least blocked off.
> >> Thanks Lance,
> >>
> >> Seems corrected - (thanks Michael?)
> >>
> >> root at p8-aix1-mariadb:[/root]egrep -v '^(#|$)' /etc/inetd.conf
> >> daytime stream  tcp     nowait  root    internal
> >> time    stream  tcp     nowait  root    internal
> >> daytime dgram   udp     wait    root    internal
> >> time    dgram   udp     wait    root    internal
> >> xmquery dgram   udp6    wait    root    /usr/bin/xmtopas xmtopas -p3
> >> caa_cfg stream  tcp6    nowait  root    /usr/sbin/clusterconf
> >> clusterconf >>/var/adm/ras/clusterconf.log 2>&1
> >>
> >> root at p8-aix1-mariadb:[/root]grep exec /etc/inetd.conf
> >> ##      needs to be executed for inetd to re-read the inetd.conf file.
> >> #exec    stream  tcp6    nowait  root    /usr/sbin/rexecd       rexecd
> >>
> >> Is disabling inetd possible/recommended?
> >>
> >> Is commenting all /etc/inetd.conf service the right way?
> >>
> >> Is disabling /etc/rc.tcpip to disable inetd and others sane?
> >>
> >> https://www.ibm.com/docs/en/aix/7.1?topic=files-rctcpip-file-tcpip
> >>
> >>> I'll check back on this next week to see any progress.
> --
> ibm-aix-ibmi-hosting mailing list
> ibm-aix-ibmi-hosting at osuosl.org
> https://lists.osuosl.org/mailman/listinfo/ibm-aix-ibmi-hosting
>


-- 
Lance Albertson
Director
Oregon State University | Open Source Lab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osuosl.org/pipermail/ibm-aix-ibmi-hosting/attachments/20210921/c6901810/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: aix-20210919.csv
Type: text/csv
Size: 11096 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/ibm-aix-ibmi-hosting/attachments/20210921/c6901810/attachment.csv>


More information about the ibm-aix-ibmi-hosting mailing list