Feb 02, 2009 15:47
There has been a large, widespread attack on SSH servers and Windows services across campus the last 12 days, which has claimed at least five known computers. LUG has been maintaining somewhere between 10 000 and 300 000 banned IP addresses under fail2ban's default 10-minute timeout over the last few days.
As a result of this, though it is coming primarily from the 205.* range (IE, off-campus), IT services has been cracking down on people left and right in areas that have never been looked at before (MTU did not actively monitor traffic within Resnet up until a week or so ago), and as such, media streaming servers, public data stores, and other things that many people in the CSLC are accustomed to running are being targeted in a large way. Several have been taken down permanently already.
The long and short of this is that, while frondeur will be going back up this evening, I do not know whether it will stay up. Only time will tell.
--
Andrew G. Meyer
"Memento Mori Ergo Carpe Diem"
security,
paranoia