At 5:00pm today there will be a brief outage of all the WordPress sites on press3.mcs.anl.gov including those below. This is so applied security updates can take effect. The outage is expected to only last a few minutes and an all clear will be sent when the server and sites are back. If this outage poses a problem please email firstname.lastname@example.org so we can work with you on it.
The next CIS maintenance weekend will be Friday January 17 through Sunday January 19, 2014. The scope of the work to be done on this weekend is still being determined. Please let us know if there are particular concerns you have with this window.
At my request, CIS took a break from the migrations while I was away on vacation over Thanksgiving. Now that I’m back, we’re going to continue them up until the break, then pick up again in the new year. The plan remains as it was — you’ll get a notification a couple of days before the migration will take place, one when it starts, and one when it finishes. Remember, if the migration slot you’ve been assigned doesn’t work for you, simply let them know you’d like to be rescheduled. I saw the first batch of announcements for Thursday evening’s migrations go out today. Thanks!
In coordination with the Cyber security office, our wordpress infrastructure is back online as of 14:40 this afternoon and we have restored all the wordpress sites listed in the initial message.
Very fortunately we were able to restore them to a known clean state from backups that were made at 01:00:00 11/21/20213 (one AM this morning). This means that very few, (possibly no), changes were lost. However if you have made any changes to any of these sites this morning then you will need to make those changes again. We regret the inconvenience, but it was necessary to be confident that no residual evil remained.
The short story on the incident is that a very new vulnerability in a wordpress plugin made it possible for a baddy to insert some content on the server at 10:49 Am this morning. We became aware of it by 11 AM and soon after had made the content made unavailable to the internet. The server was patched, restored to a known clean state and put back into production by 14:40.
If you would like more details please feel free to contact us at email@example.com, we’d be happy to take the opportunity to brag about how well we managed the issue.
We regret to announce that we needed to disable access to some of the web sites that we manage. At this time we are investigating suspicious activity on many of our WordPress web sites.
For the time being the following sites are unavailable for web access, any attempt to access any of these sites will timeout:
argo-osr.org extremecomputingtraining.anl.gov press3.mcs.anl.gov symposium30.cels.anl.gov
cerisc.mcs.anl.gov inside.cels.anl.gov sc11.anl.gov tcs.anl.gov
estrfi.cels.anl.gov papka.alcf.anl.gov sc12.anl.gov http://www.mpich.org
We will restore access to the websites as soon as we can, we’ll send out updates as necessary, and will have more details of the exact nature of the issue as soon as we can.
We regret this interruption in service, and thank you for your patience.
More details to come
Please direct any inquiries to firstname.lastname@example.org
Max Trefonides for MCS Systems
A phishing mail is making the rounds purporting to be regarding uchicago webmail. This is a malicious mail and should be disregarded.
If you did follow the link and put any information in, please let me know. Thanks.
Adobe announced that the user data of nearly 150 million people was exposed to hackers. I’ve included a link to an article on the break-in from The Guardian. The database of lost information is huge, however, there’s a tool to see if your data has been compromised that’s linked in the Guardian article.
I’m waiting to hear if ANL Cyber is running through the database to find affected users, but regardless, there’s two things you should do.
1) Adobe has been sending out notices to people with Adobe accounts, encouraging them to change their passwords. This is good advice, regardless of whether your data is exposed.
2) Hopefully, you don’t reuse passwords across different sites. But if you do, then you can assume that whoever knows your adobe password now can know your password on any site where you used the same one. As such, aside from making your Adobe password unique, you should also change your password anywhere else that you used that password (and make each of them unique as well).
The Guardian article can be a bit technical, but it’s worth a look, especially for the last few paragraphs where it links to tools you can use for password management. I use 1Password myself, but I know others who use the other ones linked and are happy.
Please see the announcement below. Short story is that next weekend the following services will be down for some portion of the weekend: Wifi, VPN, and CIS Windows Servers. Also, you may see warnings on wireless certificates come the following Monday. This is to be expected.
Major maintenance activities are planned for the weekend of November 8-10. Work will commence at 5:00 pm on Fri, 11/8 and continue through 7:00 pm on Sun. 1/10. Expect that any laboratory network and core IT services may be effected throughout the weekend. Please note;
- the central CIS Windows file server cluster will be down the entire weekend for transition to new hardware. This means NO network home directories for OPS users and divisions for which CIS provides Windows file services.
- VPN will be down for the installation of new hardware on Sat. from approximately 10:00 – 14:00
- wifi will be down all day Sat. Since new hardware is being installed, users may receive new or changed certificate warnings upon connecting to the Auth wireless networks. The new certificates are legitimate and can be safely accepted.
Starting next week, we’ll begin the process of migrating users from Zimbra to Exchange. The process will take place over the coming weeks and wrap up around the holiday break at end of year.
When you’re next on the schedule, you’ll get a notification a couple of business days beforehand letting you know, another note the day the migration begins, and a note when it’s complete (the last note going to your new mailbox). The migrations will happen overnight, and CIS will have someone here to personally visit everyone who’s migrated to make sure they’re okay and set up correctly. We’ll also do our best to help out if you can’t get things working.
Once the move starts, all your new mail will arrive at your new mailbox. In the background, your existing messages in Zimbra will be copied over to the new mailbox. Depending on the size of your mailbox, it may take some time for all your messages to get copied to the new mailbox. After the move is complete, your old mailbox will still be available at https://zimbra.anl.gov for some time. We’ll make an announcement before it goes away for good.
When you get the notice of your move, be sure to let them know of any issues you may have. For instance, if you tend to arrive before normal business hours and think you’ll need help getting things set up, let them know so plans can be made to accommodate that.
We’ll be sending updates with helpful tips as we encounter them. The Systems group will be the first ones to migrate over, and will be spending next week ironing out any kinks we encounter with the process.
Being pre-emptive here (since we’ve had one already)… don’t ask systems about upgrades to OS X 10.9 yet. We don’t have any answers. It was just announced, including the revolutionary pricing of “free”.
If you install it on your own, godspeed to you. Your support is the Apple Store genius bar. We’ll make an announcement to the list when we’ve had a chance to play with it and see what it breaks.