Server Room Tragedy: #10
Server Room Tragedy series was started by nirnimesh sir. But now he is out of campus and no one is reporting the blunders that are still being done by the server room staff. We need to highlight the problems(apart from several other things) that the stupid server room staff is creating. So I thought I might report the latest tragedy in the same series. I hope there is no copyright issue :) Links to the previous 9 tragedies are at the end of the post.
Well... 200 was hacked!!! Yes! On monday evening(30th Oct. 2006), students logging into 200 were greeted with the message :-
"You have no profile. Permission Denied."
The prompt was changed by the hacker to "I don't have a name".
Running pine would ask you "who are you?"
[UPDATE: If someone has a screenshot supporting this, please mail me. I would like to put that here as a proof.]
As far as I know, this was the first time in the history of IIIT that 200 was hacked... Not stupid hacking... but someone could actually hack into the system and change so many things that only the root user could.
The server room staff responded by blocking telnet and ftp on 200. They didnt give any reason or explanation. With no student sysadmin, the student community doesn't even know what actually happened, how was it hacked. So we can't even say whether blocking telnet and ftp is the right move.
I bet they(server room staff) don't even know how it happened. They just blocked ftp and telnet to show that "They are doing something". Someone must have told them that ftp and telnet are insecure and then they just blindly blocked these services.
Here are the links to previous 9 server room tragedies reported by nirnimesh sir:-
http://nirnimesh.blogspot.com/2006/04/server-room-tragedy-1.html
http://nirnimesh.blogspot.com/2006/04/server-room-tragedy-2.html
http://nirnimesh.blogspot.com/2006/05/server-room-tragedy-3.html(hilarious as well :P)
http://nirnimesh.blogspot.com/2006/05/server-room-tragedy-4.html
http://nirnimesh.blogspot.com/2006/06/server-room-tragedy-5.html
http://nirnimesh.blogspot.com/2006/06/server-room-tragedy-6.html
http://nirnimesh.blogspot.com/2006/06/server-room-tragedy-7.html
http://nirnimesh.blogspot.com/2006/07/server-room-tragedy-8.html
http://nirnimesh.blogspot.com/2006/07/server-room-tragedy-9.html
PS: Feel free to bug/flame/spam sysadmins at http://students.iiit.ac.in/sysadmins/suggession.htm .
Technorati: server room tragedy, iiit
4 comments:
Thanks for continuing the tragedy list ....
:O shockin that 200 was hacked.
Dear Sandeep,
Lets revisit what all happened.
1) Some UG1 people found strange things happening to their 200 logins.
2) They reported this to server room. When enquired if someone else has their password they said NO. But their .bash_profile were tampered.
3) So somebody could authenticate their 200 login without the victim telling the password to anyone.
4) Ways of authenticating we discovered.
a) Stealing of RSA Authentication Key. [Used for automatic login]
b) Use of Key-loggers
c) Packet sniffing for password over un-encrypted protocols.
To take care of [c], the ftp and telnet protocols, which send passwords as plaintext were blocked.
Was all this really a tragedy?
@Sugandh:
1. It didn't happen only with some UG1 students, but with everyone in IIIT for a span of about 2 hours in evening. It happened to me also and I never use telnet and ftp. I use only ssh and scp/winscp. Now changing everyone's .bash_profile definitely requires super user privileges. So someone did get superuser priviliges somehow. [This also proves that server room does not know yet that this was an all iiit problem. LOL at them.]
2. Now, this is a point that I wanted to raise for quite some time.
The server room staff is actually using students to help themselves bail out of problems and yet they say they don't need student sysadmins. I have seen in past two months you and Devansh sir have been helping them quite a lot. Here are a few examples:-
(i) For wlan registration, they kept asking for mails for 2-3 weeks. Now when everyone sent the mails, they realised that its very difficult now to extract the data from mails and use them. So finally you and Devansh sir helped them in making a portal. Now see, they can't even make a small html page with form. And without your help you can imagine their state.
(ii) Recently there was another tragedy- they did something that disabled SAS. They didnt even know that SAS is used in various portals at IIIT, including the all important mess portal. Again Devansh sir bailed them out. Without his help, they could not have corrected it.
(iii) You two also helped them in setting up the moderation of mailing lists.
Now also, regarding this 200 hack, you have all the internal information. This means you people did help them in coming out of this problem.
So, isn't it a tragedy that the server room staff can't do a single thing without student's help.
Also I wanted to say to you and Devansh sir for a long time, not to help them. You are bailing them out. If you don't help them, then the server room will come down on its knees, and the faculty will be able to see the real picture.
So please, don't help them.
Post a Comment