[Halld-offline] [EXTERNAL] Re: Vulnerability on halldweb

Wed Aug 21 17:41:18 EDT 2024

Yes, it is fixed now, thanks. -Richard

On Wed, Aug 21, 2024 at 2:49 PM Alexander Austregesilo <aaustreg at jlab.org>
wrote:

> *Message sent from a system outside of UConn.*
>
> Dear Richard,
>
> Thank you for letting me know. I reported this issue, and indeed some
> cyber-security tools were blocking the connections to several servers.
> Exceptions to the rules that control that system are put in place to allow
> these connections, so there should not be any further problem.
>
> Please retry your program and let me know if the issue persists.
>
> Best regards,
>
> Alex
>
>
> On 8/21/24 10:34, Richard Jones wrote:
>
> Maybe related to this, for the first time this morning I am seeing a new
> error when trying to run hdgeant4 at UConn.
>
>
>> Error [1040]: in [bool MySQLDataProvider::Connect(MySQLConnectionInfo)]
>> mysql_real_connect() failed:
>> Error 2003 (Can't connect to MySQL server on 'hallddb.jlab.org
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__nam10.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Fhallddb.jlab.org-252F-26data-3D05-257C02-257Crichard.t.jones-2540uconn.edu-257C2b6e3e464d09418d423208dcc211ef7e-257C17f1a87e2a254eaab9df9d439034b080-257C0-257C0-257C638598629550229780-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C0-257C-257C-257C-26sdata-3DDrjrKuqAstXVNaxo7rGDEN0LoVv2RuuKn4Jr2ePxZsQ-253D-26reserved-3D0&d=DwIFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Te_hCR4EUlJ6iCDYLJ8Viv2aDOR7D9ZZMoBAvf2H0M4&m=OhWMxzSqCOmGCvmnx4QjiMi6BePw26mwq8BFLxDcxQ45D_ZeGRtNMeQnxx98kKy2&s=HRfDGdqKvzwdhGxgNZwWpPibNCAg5wQ3Kfim2ehtzQ4&e= >'
>> (110))
>>
>> terminate called after throwing an instance of 'std::logic_error'
>>   what():  CONNECTION ERROR.
>> Aborted (core dumped)
>> [jonesrt at gluey test]$
>>
>
> Are halldweb and hallddb the same server? Or is hallddb offline for
> similar reasons?
> -Richard Jones
>
> On Wed, Aug 21, 2024 at 10:29 AM Richard Jones <rjones30 at gmail.com> wrote:
>
>> Maybe related to this, for the first time this morning I am seeing a new
>> error when trying to run hdgeant4 at UConn.
>>
>>
>>> Error [1040]: in [bool MySQLDataProvider::Connect(MySQLConnectionInfo)]
>>> mysql_real_connect() failed:
>>> Error 2003 (Can't connect to MySQL server on 'hallddb.jlab.org
>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__nam10.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Fhallddb.jlab.org-252F-26data-3D05-257C02-257Crichard.t.jones-2540uconn.edu-257C2b6e3e464d09418d423208dcc211ef7e-257C17f1a87e2a254eaab9df9d439034b080-257C0-257C0-257C638598629550242176-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C0-257C-257C-257C-26sdata-3DzwEBDrBLrb5-252FA4r0ekRcytZHxRAq8c-252FE-252BdXx7WYehs8-253D-26reserved-3D0&d=DwIFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Te_hCR4EUlJ6iCDYLJ8Viv2aDOR7D9ZZMoBAvf2H0M4&m=OhWMxzSqCOmGCvmnx4QjiMi6BePw26mwq8BFLxDcxQ45D_ZeGRtNMeQnxx98kKy2&s=1fXjEX2BZ_cB0j4V346Hl2vgdkYIKfKI2mXsmxrWutU&e= >'
>>> (110))
>>>
>>> terminate called after throwing an instance of 'std::logic_error'
>>>   what():  CONNECTION ERROR.
>>> Aborted (core dumped)
>>> [jonesrt at gluey test]$
>>>
>>
>> Are halldweb and hallddb the same server? Or is hallddb offline for
>> similar reasons?
>> -Richard Jones
>>
>> On Tue, Aug 20, 2024 at 3:18 PM Alexander Austregesilo via Halld-offline <
>> halld-offline at jlab.org> wrote:
>>
>>> *Message sent from a system outside of UConn.*
>>>
>>>
>>> Dear Colleagues,
>>>
>>> A vulnerability was found in httpd on our externally facing web server
>>> halldweb, which is still running end-of-life RHEL7. This issue will be
>>> fixed for RHEL9. Until the server can be rebuilt and properly tested,
>>> halldweb will be moved behind an external proxy.
>>>
>>> The external DNS will resolve the proxy and the connections should be
>>> proxied to the current server.  This alleviates, for the time being,
>>> external access to the vulnerability. The expectation is that this would
>>> not affect the user access from offsite at all, but making any change
>>> can potentially cause issues.
>>>
>>> The change is scheduled for 3:30pm today. Please let me know if you
>>> experience any issues. Apparently, we can easily revert this change.
>>>
>>> Best regards,
>>>
>>> Alex
>>>
>>> --
>>> Alexander Austregesilo
>>>
>>> Staff Scientist - Experimental Nuclear Physics
>>> Thomas Jefferson National Accelerator Facility
>>> Newport News, VA
>>> aaustreg at jlab.org
>>> (757) 269-6982
>>>
>>> _______________________________________________
>>> Halld-offline mailing list
>>> Halld-offline at jlab.org
>>>
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__nam10.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fmailman.jlab.org-252Fmailman-252Flistinfo-252Fhalld-2Doffline-26data-3D05-257C02-257Crichard.t.jones-2540uconn.edu-257Ce6bbb70c824746e665c108dcc14ce24b-257C17f1a87e2a254eaab9df9d439034b080-257C0-257C0-257C638597783166572634-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C0-257C-257C-257C-26sdata-3DexQY7o3NzgH3gSNKB7zG9FCNfisOEEVc-252BeBahlsU1bs-253D-26reserved-3D0&d=DwIFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Te_hCR4EUlJ6iCDYLJ8Viv2aDOR7D9ZZMoBAvf2H0M4&m=OhWMxzSqCOmGCvmnx4QjiMi6BePw26mwq8BFLxDcxQ45D_ZeGRtNMeQnxx98kKy2&s=FWDIHtkBFXFK6bmkfg-sVk5YpNUD7d57BxgnGmuxPls&e= 
>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__nam10.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttps-2D3A-5F-5Fnam10.safelinks.protection.outlook.com-5F-2D3Furl-2D3Dhttps-2D253A-2D252F-2D252Fmailman.jlab.org-2D252Fmailman-2D252Flistinfo-2D252Fhalld-2D2Doffline-2D26data-2D3D05-2D257C02-2D257Crichard.t.jones-2D2540uconn.edu-2D257Ce6bbb70c824746e665c108dcc14ce24b-2D257C17f1a87e2a254eaab9df9d439034b080-2D257C0-2D257C0-2D257C638597783166572634-2D257CUnknown-2D257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-2D253D-2D257C0-2D257C-2D257C-2D257C-2D26sdata-2D3DexQY7o3NzgH3gSNKB7zG9FCNfisOEEVc-2D252BeBahlsU1bs-2D253D-2D26reserved-2D3D0-2526d-253DDwMFaQ-2526c-253DCJqEzB1piLOyyvZjb8YUQw-2526r-253D9LGv0gfS3B8uAbsk8r-5FcEX-5F4GVRxd2wkj-2DRJy5MLidg-2526m-253D9iI080-2Dfvv1pKjWN-2DfnRCpmxKCdpU3uBjMDyPX2Y8kQKklvA-5FxoZdQ9wVeVFBD-2D5-2526s-253DU0-2DDbLO6un10mk7U14sO5P6j6KqfEuQGBunKvXYpftg-2526e-253D-26data-3D05-257C02-257Crichard.t.jones-2540uconn.edu-257C2b6e3e464d09418d423208dcc211ef7e-257C17f1a87e2a254eaab9df9d439034b080-257C0-257C0-257C638598629550249114-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C0-257C-257C-257C-26sdata-3DiCpWB2-252F1iYkmWVdEhbnkteNx3K6oPcFcgg1D20mGyTk-253D-26reserved-3D0&d=DwIFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Te_hCR4EUlJ6iCDYLJ8Viv2aDOR7D9ZZMoBAvf2H0M4&m=OhWMxzSqCOmGCvmnx4QjiMi6BePw26mwq8BFLxDcxQ45D_ZeGRtNMeQnxx98kKy2&s=CDJS3lK8zfzWh_3JQb9juRGJ5TmZtznhK7x-M2XmqHM&e= >
>>>
>> --
> Alexander Austregesilo
>
> Staff Scientist - Experimental Nuclear Physics
> Thomas Jefferson National Accelerator Facility
> Newport News, VAaaustreg at jlab.org
> (757) 269-6982
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.jlab.org/pipermail/halld-offline/attachments/20240821/1dbaea28/attachment-0001.html>