Difference: GlideinWMSCrabSSC6 (6 vs. 7)

Revision 72012/08/31 - Main.JamesLetts

Line: 1 to 1
 
META TOPICPARENT name="GlideinWMSCrab"

PROCEDURES FOR GLIDEINWMS CRAB SERVER DURING THE CMS SECURITY CHALLENGE SSC6

Line: 27 to 27
 condor_hold uscmsxxx
Changed:
<
<
As root, block the local userid in the /etc/passwd file on all submitter nodes by appending something to the userid like uscmsxxxBLOCKED. This will help in cleanup later. Effectively this will block any further submissions by denying the ability of the compromised DN to use gridftp or glexec on the server.
>
>
As root, block the local userid in the /etc/passwd file on all submitter nodes by appending something to the userid like uscmsxxxBLOCKED. This will help in cleanup later. Effectively this will block any further submissions by denying the ability of the compromised DN to use gridftp or glexec on the server. Also, send an e-mail to Terrence at UCSD to block the user DN in the UCSD GUMS server. While this is the best way to block a user DN completely, depending on the time of day it may not be the quickest.
 

Collecting Information

 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback