[openstack-dev] [neutron] [third-party] Freescale CI log site is being blocked

trinath.somanchi at freescale.com trinath.somanchi at freescale.com
Mon Aug 11 16:17:05 UTC 2014


Hi-

Today I contacted the service provider regarding the malware in the website. Got a response that website is truly functional and malware free.

I too have verified all the directories, subdirectories and log files manually for any malware injected into the website. I have detected none.

There is no anonymous login enabled for FTP or cPanel login to the server. The FTP is protected with Strong Passcode.

This is an update from my end. 

Like all other CI's now normal browsing of logs is available for view.

The CI is made down to take the above explained changes to take place. Now the CI is active running the jobs.

All the old logs are present as in place. 

You may browse the old logs using the url 

For ML2 Mechanism driver : http://fslopenstackci.com/{change_number}/{change_patchset}/Freescale-ML2-Mechanism-Driver
For FWaaS Plugin : http://fslopenstackci.com/{change_number}/{change_patchset}/Freescale-FWaaS-Plugin

Now I have updated the CI to create a BUILD directory as well to showcase logs for "rechecks".

With this new change the log URL will be 

For ML2 Mechanism driver : http://fslopenstackci.com/{build_number}/{change_number}/{change_patchset}/Freescale-ML2-Mechanism-Driver
For FWaaS Plugin : http://fslopenstackci.com/{build_number}/{change_number}/{change_patchset}/Freescale-FWaaS-Plugin


Hi Mestery-

Kindly please verify the access to the site. 

Also, if it's still in blocking mode, kindly mail me the logs with Cisco WSA to verify the reason behind this blocking.

Kindly help me with your review on my code at https://review.openstack.org/#/c/109659/

Thanking  you all.

--
Trinath Somanchi - B39208
trinath.somanchi at freescale.com | Mob: +91 9866 235 130

-----Original Message-----
From: Anita Kuno [mailto:anteaya at anteaya.info] 
Sent: Saturday, August 09, 2014 11:09 AM
To: openstack-dev at lists.openstack.org
Subject: Re: [openstack-dev] [neutron] [third-party] Freescale CI log site is being blocked

On 08/08/2014 11:27 PM, trinath.somanchi at freescale.com wrote:
> Thanks anita for the reply.
> 
> Previously the existing server is accessible by kyle. But now its not being accessible. 
> 
> For the paid hosting I have its administered by godaddy
If you are paying godaddy to administer the server, have you asked them why one of your users has acknowledged your site is blacklisted by Cisco WSA appliances?

If you are paying them to administer your server, answering your question falls within their job.

You need to find out the reason behind Cisco security blocking, that is what I am asking you to do. It if fine if you don't know, but it is your responsibility to find out.

Thanks Trinath,
Anita.

> and the FTP is only accessed by Jenkins. 
> 
> I can try relocating FTP web based file browser script and provide a normal view of files. 
> 
> Don't know the reason behind Cisco Security blocking the access where it has given access to view the website before.
> 
> Thanks a lot again for the brief email.
> 
> 
> --
> Trinath Somanchi - B39208
> trinath.somanchi at freescale.com | extn: 4048
> 
> -----Original Message-----
> From: Anita Kuno [mailto:anteaya at anteaya.info]
> Sent: Saturday, August 09, 2014 10:21 AM
> To: openstack-dev at lists.openstack.org
> Subject: Re: [openstack-dev] [neutron] [third-party] Freescale CI log 
> site is being blocked
> 
> On 08/08/2014 10:06 PM, trinath.somanchi at freescale.com wrote:
>> Hi Sumit-
>>
>> When I try to paste a large log text into paste.openstack, It is giving me image verification and says its spam.
> Let's not confuse paste.openstack.org's spam blocker from spam blockers on servers. They are two separate functionalities and the conversation does not move forward if we try to pretend they are the same thing or even remotely related, which they are not.
> 
> If you recall, Trinath, the first server you had got hacked since you had not hardened it appropriately. Having hosting via go daddy or any other paid hosting service does not absolve you of the responsibility of having a well maintained server. If you need help maintaining your server, I suggest you contract a server administrator to advise you or do the work. We have to assume a certain level of competence here, due to the responsibility involved I don't think you are going to get many responses to questions if you don't know how to maintain your server.
> This isn't really the the place to ask. Running your third party ci system and copying the logs, sure this is the place, basic server maintenance is your responsibility.
> 
> If you recall, a basic evaluation of your server logs told you you had been hacked the last time. This might be a place to start now.
> 
> In any case, please maintain your server and please address Kyle's concerns.
> 
> Thank you Trianth,
> Anita.
>>
>> I don't know why its taken as spam/malware. It's a paid hosting I had from GODADDY.
>>
>> --
>> Trinath Somanchi - B39208
>> trinath.somanchi at freescale.com | extn: 4048
>>
>> -----Original Message-----
>> From: Sumit Naiksatam [mailto:sumitnaiksatam at gmail.com]
>> Sent: Saturday, August 09, 2014 1:12 AM
>> To: OpenStack Development Mailing List (not for usage questions)
>> Subject: Re: [openstack-dev] [neutron] [third-party] Freescale CI log 
>> site is being blocked
>>
>> Actually I am able to access the logs in this CI over the internet 
>> and through my service provider. I have copy-pasted the log from the 
>> latest freescale run here (to validate if this is indeed the latest
>> run):
>> http://paste.openstack.org/show/92229/
>>
>> But good point Kevin, when I was trying to post this on paste, it did complain about the log text appearing like spam.
>>
>> On Fri, Aug 8, 2014 at 10:58 AM, Kevin Benton <blak111 at gmail.com> wrote:
>>> Does your log server allow anonymous uploads that caused it to host 
>>> malware or something that led to it being blocked?
>>>
>>>
>>> On Fri, Aug 8, 2014 at 7:12 AM, Kyle Mestery <mestery at mestery.com> wrote:
>>>>
>>>> Trinath:
>>>>
>>>> In looking at your FWaaS review [1], I noticed the site you are 
>>>> using for log storage is being blacklisted again, at least by Cisco 
>>>> WSA appliances. Thus, I cannot see the logs for it. Did you change 
>>>> the location of your log storage again? Is anyone else seeing this issue?
>>>>
>>>> Thanks,
>>>> Kyle
>>>>
>>>>
>>>> [1] https://review.openstack.org/#/c/109659/
>>>>
>>>> _______________________________________________
>>>> OpenStack-dev mailing list
>>>> OpenStack-dev at lists.openstack.org
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>>
>>>
>>> --
>>> Kevin Benton
>>>
>>> _______________________________________________
>>> OpenStack-dev mailing list
>>> OpenStack-dev at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
> 
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 


_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



More information about the OpenStack-dev mailing list