[NSC-users] Security breach - accounts disabled
Leif Nixon
nixon at nsc.liu.se
Wed Jun 16 12:42:30 CEST 2004
Dear NSC users,
During the last few days a number of intrusions have been detected on
NSC systems.
User accounts have been accessed using stolen passwords. In a couple
of cases the intruder has managed to gain elevated privileges.
Apparently the passwords were initially stolen from users who used ssh
to log in to NSC systems from compromised computers on Chalmers.
!!!!!!!!!!!!!!!!!!!!!!!!
Due to the widespread nature of this security breach, all accounts on
all NSC systems will be disabled. New passwords will be sent out by
(paper) mail. More information on that process will be available as we
work out the details.
!!!!!!!!!!!!!!!!!!!!!!!!
If you have used ssh (or scp) to access other systems *from* NSC
systems the last few days, you are strongly advised to change your
password on those other systems. Also, please inform the
administrators of those systems about this issue. (Refer them to
support at nsc.liu.se for further technical information.)
We understand that these measures will be a great inconvenience to
you. However, we have to treat security issues in the strictest
possible fashion, and hope for your understanding.
--
Leif Nixon Systems expert
------------------------------------------------------------
National Supercomputer Centre Linkoping University
------------------------------------------------------------
More information about the NSC-users
mailing list