Watch out for that port-scanner half a planet away...
It was a cold Wednesday morning. The inhabitants of Coral and Maple were busy with their daily bustle of intense research activity. Dr. Marie desJardins walks in to the lab and says "Could someone shut this window on sprocket?" Curious we assemble around our good ol'server (sprocket). Lo and behold! There is a Safari window open with a fairly graphic picture from a porn website in Israel open!
A whirl of activity ensues. Disturbing questions are asked - Who did this? How to prevent it? How to track this down? Was it just a prank or a malicious attack? Are Mac servers (gulp! gulp!) vulnerable? (Incidentally, slashdot carried this post on two days back)
The obvious suggestions are all made and shot down in turn. Concerned lookers-on (self included) throw in their tuppence-worth nonetheless - check Safari's history, check network usage, check VNC's logs... After a frantic morning of grepping through logs and other thingmajigs, our sys-admins track the attack down to an IP address in Israel. They confirmed it wasn't malicious. (Why would someone want to remote login to a computer and watch porn on it?)
Moral of the story: Logout of your computer when you leave.
3 Comments:
Can we get a link to the porn?
@Joe - I so expected this one when I wrote the post. And for some reason, I thought it would be you who'd make this comment... :D
I'm very predictible :)
Post a Comment
<< Home