Changes between Version 6 and Version 7 of GENIRacksHome/InstageniRacks/AcceptanceTestStatus/IG-ADM-2
- Timestamp:
- 05/16/12 10:27:44 (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIRacksHome/InstageniRacks/AcceptanceTestStatus/IG-ADM-2
v6 v7 5 5 ''This page is GPO's working page for performing IG-ADM-2. It is public for informational purposes, but it is not an official status report. See [wiki:GENIRacksHome/InstageniRacks/AcceptanceTestStatus] for the current status of InstaGENI acceptance tests.'' 6 6 7 ''Last substantive edit of this page: 2012-05-1 5''7 ''Last substantive edit of this page: 2012-05-16'' 8 8 9 9 == Page format == … … 20 20 21 21 || '''Step''' || '''State''' || '''Date completed''' || '''Tickets''' || '''Comments''' || 22 || 1A || [[Color( orange,Blocked)]] || || instaticket:18 || blocked on IG verification of root sshd behavior||23 || 1B || || || || ready to test||22 || 1A || [[Color(green,Pass)]] || || instaticket:18 || question about root SSH access was resolved satisfactorily with no change to rack || 23 || 1B || [[Color(green,Pass)]] || || || || 24 24 || 1C || || || || ready to test || 25 25 || 2A || || || || ready to test || … … 144 144 * Login does not succeed via any unencrypted login protocol 145 145 146 ==== Results of testing: 2012-05-16 ==== 147 148 Note: this isn't a penetration test. I'm just looking for known unencrypted login protocols on public networks. On FreeBSD, `sockstat -lL46` shows IPv4 and IPv6 listeners on non-loopback networks. 149 150 I found the following listeners, none of which are problematic for our purposes here: 151 {{{ 152 httpd 153 sshd 154 inetd (serving the flashpolicy service for Flack) 155 sslxmlrpc_server.py (emulab) 156 sdcollectd (emulab) 157 capserver (emulab) 158 tmcd (emulab) 159 bootinfo (emulab) 160 dhcpd 161 sendmail 162 pubsubd (emulab) 163 mfrisbeed (emulab) 164 ntpd 165 mountd 166 rpcbind 167 named 168 syslogd 169 }}} 170 146 171 === Step 1C: verify sudo and sudo logging === 147 172