[ibm-aix-ibmi-hosting] [DKIM] Current security issues 2022-04-04

Michael Felt aixtools at felt.demon.nl
Fri Apr 8 09:42:29 UTC 2022


Hello Lance,

 

Re: adopt01 – false flag

Re: adopt08 – not true re: rexecd or telnet (inetd is switched off); I’ll have to look at the OpenSSL one more closely, but the OpenSSL installed is not different from the other hosts; Xserver: depends on the test set I guess. It is not a real Xserver, just the port open for a moment for testing, or a hung process. Re: NTP – only difference is that it queries ?.pool.ntp.org rather than time.osu.org (updating that). All servers have this line – which is supposed to be blocking the reports: `restrict default notrust nomodify nopeer noquery notrap`

 

I’ll take a close look at adopt09 and adpot10 (as they have no been run through the ansible playbooks yet).

 

It was my understanding that the golang project would be (had?) addressed the Apache server already.

 

Regards,

Michael

 

p.s. My service provider had been putting these mails into SPAM. Sorry for the delayed response.

 


 <mailto:aixtools at felt.demon.nl>  

Michael Felt 

 


Mobile +31 (0)6 5184 4181 

Email aixtools at felt.demon.nl 

 

 

 

From: ibm-aix-ibmi-hosting <ibm-aix-ibmi-hosting-bounces at osuosl.org> On Behalf Of Lance Albertson
Sent: Wednesday, 6 April 2022 20:54
To: ibm-aix-ibmi-hosting at osuosl.org
Subject: [DKIM] [ibm-aix-ibmi-hosting] Current security issues 2022-04-04

 

It's been a while since I've sent an email related to the security reports we have on the various AIX systems. I figured I'd create a new thread monthly so we can track these a little better and make some additional progress.

 

Overall, the AIX machines are doing fairly well from a security report standpoint. However there are still a few recurring issues that need to be addressed.

 

p8-aix2-golang.osuosl.org <http://p8-aix2-golang.osuosl.org> : Apache needs upgraded

p8-java1-adopt08.osuosl.org <http://p8-java1-adopt08.osuosl.org> : rexecd, SSL issues, Telnet, NTP, X server

p8-java1-adopt09.osuosl.org <http://p8-java1-adopt09.osuosl.org> : NTP

 

Can we please get these addressed soon? I've attached the latest report which provides detailed information.

 

Thanks-

 

-- 

Lance Albertson

Director

Oregon State University | Open Source Lab 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osuosl.org/pipermail/ibm-aix-ibmi-hosting/attachments/20220408/c9170df5/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 4455 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/ibm-aix-ibmi-hosting/attachments/20220408/c9170df5/attachment-0001.png>


More information about the ibm-aix-ibmi-hosting mailing list