The email delays and other problems plaguing xenon have been fixed. During the outages over the past week most was queued and is being delivered now. The mail queues may take several hours to clear. Unfortunately, some mail was accidentally rejected, bouncing back to the sender. We have no copies of the emails and are currently unable to provide everybody with a list of failed messages.
If you haven't already done so, we highly recommend you change the password for your CSID (xenon) and SUNetID (leland) accounts, especially if they are the same username or password.
Most of the myths and pods should be up, and you should be able to login. If you are having problems because of missing software, or incompatible software verions, please report this to action@soe.stanford.edu. We may not respond directly, but we will be working hard to resolve all issues over the next 48-72 hours. Further status updates will be posted here.
If you haven't already done so, we highly recommend you change the password for your CSID (xenon) and SUNetID (leland) accounts, especially if they are the same username or password.
When you ssh into the myth, pod, or xenon systems, you will receive a waning that the host key has changed. The warning will look something like this:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 96:90:ab:7c:29:07:52:9d:4a:7e:ad:1e:27:d8:2e:92. Please contact your system administrator. Add correct host key in /afs/ir/users/m/i/miles1/.ssh/known_hosts to get rid of this message. Offending key in /etc/ssh/ssh_known_hosts:3 RSA host key for myth has changed and you have requested strict checking. Host key verification failed.
You will need to remove the old key entry from your known_hosts file -- the error will give you the name of the file to edit and the line to remove.
The new fingerprints are:
myth/pod dsa 4b:6e:39:85:47:fd:7b:e5:03:0f:b4:9c:bc:1c:47:58 myth/pod rsa 9c:fe:9b:f2:b5:25:d0:31:fd:63:16:2d:f9:8a:b7:52 xenon dsa 02:02:c4:07:96:51:e8:e5:7b:3b:3c:de:40:63:aa:c4 xenon rsa f8:2c:1e:64:a7:8e:4a:fa:73:cd:3b:99:5f:84:ff:15
Xenon USERS: If you ssh'ed into or from xenon between 6:00 PM PST on 12 November and when xenon was taken down late on the afternoon of 13 November, we strongly recommend that you change your password. You can do this on the PEDIT web page: https://cs.stanford.edu/pedit
Login problems on Friday, Nov 20 were caused by a misconfiguration, not a second round of intrusions.
11/19/09: All myths and pods are being taken down immediately to be reinstalled. Several pods have been compromised and need to be reinstalled. If you have logged into any pod or myth machine between Nov 16 and Nov 19, it's strongly recommended that you change your password. You can do this on the StanfordYou site: https://stanfordyou.stanford.edu
Other timeshare computers to use instead: corn (ssh only), xenon (ssh only), pups (Gates B21).
As the computers come back online after being reinstalled they will be CentOS instead of Ubuntu. We will be reinstalling as many of the local software packages as we can tonight (11/19) and tomorrow. The ITS supported packages will still be in /usr/pubsw and will be available immediately.
UPDATE 11/20/09: All myths and pods are being brought back online now. We are working with course instructors where appropriate to rebuild the software environment for classes.