[ucc-announce] UCC is back. CHANGE YOUR PASSWORD!

[Bernard Blackham]

12:20am Monday morning, somebody decided to wipe out UCC. Thanks to
some quick reflexes by Nick, they didn't get terribly far. As quite
a few of UCC's machines appear to have been compromised, they are
being reinstalled from scratch, one by one.

CHANGE YOUR PASSWORD as soon as you can, to something completely
new. pwgen (installed on mussel) will give you a selection of
memorable passwords to choose from. You will need to use "yppasswd"
on morwong or mussel, FROM A MACHINE YOU TRUST.

ALL ACCOUNTS WITH PASSWORDS THAT HAVE NOT BEEN CHANGED by Sunday
23rd November WILL BE LOCKED.

ssh on mussel was found to be trojaned, and logged every use of a
password or passphrase on a key in the last couple of weeks.
RECREATE YOUR SSH KEYS and CLEAN OUT authorized_keys FILES.

 - mail should be flowing once more, as asclepius churns out it's
   8000 queued mails into mooneye. No mail was lost, just a little
   held up.

 - flame is online.

 - mussel has been reinstalled. People should be able to login
   again. Webmail will return later.

 - mermaid is offline until it gets reinstalled, probably tomorrow arvo.
   this means dispense stuff and web pages.

 - mojarra is offline and will be until it gets reinstalled.

If you want any programs installed on mussel, email wheel@ucc.
Questions, comments? Reply to ucc@ucc.
Flames > /dev/zero

Change your passwords. Be paranoid. Change your ssh keys.

Lots of things are changing to prevent this happening again.
Thanks to Matt, Nick, James, Trent and others who helped out
rebuilding machines.

Regards,

Bernard.