Hi everyone,<br><br>zaphod has been broken into again -- and probably a while ago. The intruder logged passwords in ssh and sshd, that is, not only is your zaphod password compromised, but you should also consider the passwords for all machine that you logged into from zaphod compromised as well (and hence you should change them).<br>

<br>zaphod&#39;s software unfortunately is rather out of date and it&#39;s virtually impossible to make it decently secure without rebuilding it from scratch, which I currently don&#39;t have time for. So instead, I took zaphod off the public internet and moved it into a private network, which should make future attacks less likely. I also rebuilt / reinstalled ssh and sshd on zaphod, s105 and s106. Other machines, in particular s107, lolcat, sherman, etc. had to go into the private network with it. The immediate consequence is that you won&#39;t be able to log onto to zaphod anymore for two reasons: It&#39;s not directly reachable from the outside, and I also deleted everyone&#39;s compromised passwords, so you&#39;ll have to get a new one (by stopping by my office, or emailing me if you&#39;re not local).<br>

<br>There are two ways to get onto zaphod:<br>1) indirectly: go through <a href="http://fishercat.sr.unh.edu">fishercat.sr.unh.edu</a><br>2) directly: install and configure a VPN client (openvpn) and connect directly to the private network that zaphod is on.<br>

<br>For 1), you need an account on fishercat, while for 2) you need keys etc to set up the VPN, so you&#39;ll have to see me and we&#39;ll have to figure out how to do it (I&#39;ve been using the VPN approach for quite a while and find it rather convenient after the initial setup, but can&#39;t quite remember how to create the keys etc...)<br clear="all">

<br>--Kai<br><br><br>-- <br>Kai Germaschewski<br>Assistant Professor, Dept of Physics / Space Science Center<br>University of New Hampshire, Durham, NH 03824<br>office: Morse Hall 245E<br>phone:  +1-603-862-2912<br>fax: +1-603-862-2771<br>

<br>