[Halld-offline] [EXTERNAL] Re: Vulnerability on halldweb

Alexander Austregesilo aaustreg at jlab.org
Wed Aug 21 14:49:00 EDT 2024 

Dear Richard,

Thank you for letting me know. I reported this issue, and indeed some 
cyber-security tools were blocking the connections to several servers. 
Exceptions to the rules that control that system are put in place to 
allow these connections, so there should not be any further problem.

Please retry your program and let me know if the issue persists.

Best regards,

Alex


On 8/21/24 10:34, Richard Jones wrote:
> Maybe related to this, for the first time this morning I am seeing a 
> new error when trying to run hdgeant4 at UConn.
>
>
>     Error [1040]: in [bool
>     MySQLDataProvider::Connect(MySQLConnectionInfo)]
>     mysql_real_connect() failed:
>     Error 2003 (Can't connect to MySQL server on 'hallddb.jlab.org
>     <http://hallddb.jlab.org/>' (110))
>
>     terminate called after throwing an instance of 'std::logic_error'
>       what():  CONNECTION ERROR.
>     Aborted (core dumped)
>     [jonesrt at gluey test]$
>
>
> Are halldweb and hallddb the same server? Or is hallddb offline for 
> similar reasons?
> -Richard Jones
>
> On Wed, Aug 21, 2024 at 10:29 AM Richard Jones <rjones30 at gmail.com> wrote:
>
>     Maybe related to this, for the first time this morning I am seeing
>     a new error when trying to run hdgeant4 at UConn.
>
>
>         Error [1040]: in [bool
>         MySQLDataProvider::Connect(MySQLConnectionInfo)]
>         mysql_real_connect() failed:
>         Error 2003 (Can't connect to MySQL server on 'hallddb.jlab.org
>         <http://hallddb.jlab.org/>' (110))
>
>         terminate called after throwing an instance of 'std::logic_error'
>           what():  CONNECTION ERROR.
>         Aborted (core dumped)
>         [jonesrt at gluey test]$
>
>
>     Are halldweb and hallddb the same server? Or is hallddb offline
>     for similar reasons?
>     -Richard Jones
>
>     On Tue, Aug 20, 2024 at 3:18 PM Alexander Austregesilo via
>     Halld-offline <halld-offline at jlab.org> wrote:
>
>         *Message sent from a system outside of UConn.*
>
>
>         Dear Colleagues,
>
>         A vulnerability was found in httpd on our externally facing
>         web server
>         halldweb, which is still running end-of-life RHEL7. This issue
>         will be
>         fixed for RHEL9. Until the server can be rebuilt and properly
>         tested,
>         halldweb will be moved behind an external proxy.
>
>         The external DNS will resolve the proxy and the connections
>         should be
>         proxied to the current server.  This alleviates, for the time
>         being,
>         external access to the vulnerability. The expectation is that
>         this would
>         not affect the user access from offsite at all, but making any
>         change
>         can potentially cause issues.
>
>         The change is scheduled for 3:30pm today. Please let me know
>         if you
>         experience any issues. Apparently, we can easily revert this
>         change.
>
>         Best regards,
>
>         Alex
>
>         --
>         Alexander Austregesilo
>
>         Staff Scientist - Experimental Nuclear Physics
>         Thomas Jefferson National Accelerator Facility
>         Newport News, VA
>         aaustreg at jlab.org
>         (757) 269-6982
>
>         _______________________________________________
>         Halld-offline mailing list
>         Halld-offline at jlab.org
>         https://mailman.jlab.org/mailman/listinfo/halld-offline
>         <https://urldefense.proofpoint.com/v2/url?u=https-3A__nam10.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fmailman.jlab.org-252Fmailman-252Flistinfo-252Fhalld-2Doffline-26data-3D05-257C02-257Crichard.t.jones-2540uconn.edu-257Ce6bbb70c824746e665c108dcc14ce24b-257C17f1a87e2a254eaab9df9d439034b080-257C0-257C0-257C638597783166572634-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C0-257C-257C-257C-26sdata-3DexQY7o3NzgH3gSNKB7zG9FCNfisOEEVc-252BeBahlsU1bs-253D-26reserved-3D0&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=9LGv0gfS3B8uAbsk8r_cEX_4GVRxd2wkj-RJy5MLidg&m=9iI080-fvv1pKjWN-fnRCpmxKCdpU3uBjMDyPX2Y8kQKklvA_xoZdQ9wVeVFBD-5&s=U0-DbLO6un10mk7U14sO5P6j6KqfEuQGBunKvXYpftg&e=>
>
-- 
Alexander Austregesilo

Staff Scientist - Experimental Nuclear Physics
Thomas Jefferson National Accelerator Facility
Newport News, VA
aaustreg at jlab.org
(757) 269-6982
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.jlab.org/pipermail/halld-offline/attachments/20240821/49113f79/attachment.html>

More information about the Halld-offline mailing list