Hi- Today I contacted the service provider regarding the malware in the website. Got a response that website is truly functional and malware free.
I too have verified all the directories, subdirectories and log files manually for any malware injected into the website. I have detected none. There is no anonymous login enabled for FTP or cPanel login to the server. The FTP is protected with Strong Passcode. This is an update from my end. Like all other CI's now normal browsing of logs is available for view. The CI is made down to take the above explained changes to take place. Now the CI is active running the jobs. All the old logs are present as in place. You may browse the old logs using the url For ML2 Mechanism driver : http://fslopenstackci.com/{change_number}/{change_patchset}/Freescale-ML2-Mechanism-Driver For FWaaS Plugin : http://fslopenstackci.com/{change_number}/{change_patchset}/Freescale-FWaaS-Plugin Now I have updated the CI to create a BUILD directory as well to showcase logs for "rechecks". With this new change the log URL will be For ML2 Mechanism driver : http://fslopenstackci.com/{build_number}/{change_number}/{change_patchset}/Freescale-ML2-Mechanism-Driver For FWaaS Plugin : http://fslopenstackci.com/{build_number}/{change_number}/{change_patchset}/Freescale-FWaaS-Plugin Hi Mestery- Kindly please verify the access to the site. Also, if it's still in blocking mode, kindly mail me the logs with Cisco WSA to verify the reason behind this blocking. Kindly help me with your review on my code at https://review.openstack.org/#/c/109659/ Thanking you all. -- Trinath Somanchi - B39208 [email protected] | Mob: +91 9866 235 130 -----Original Message----- From: Anita Kuno [mailto:[email protected]] Sent: Saturday, August 09, 2014 11:09 AM To: [email protected] Subject: Re: [openstack-dev] [neutron] [third-party] Freescale CI log site is being blocked On 08/08/2014 11:27 PM, [email protected] wrote: > Thanks anita for the reply. > > Previously the existing server is accessible by kyle. But now its not being > accessible. > > For the paid hosting I have its administered by godaddy If you are paying godaddy to administer the server, have you asked them why one of your users has acknowledged your site is blacklisted by Cisco WSA appliances? If you are paying them to administer your server, answering your question falls within their job. You need to find out the reason behind Cisco security blocking, that is what I am asking you to do. It if fine if you don't know, but it is your responsibility to find out. Thanks Trinath, Anita. > and the FTP is only accessed by Jenkins. > > I can try relocating FTP web based file browser script and provide a normal > view of files. > > Don't know the reason behind Cisco Security blocking the access where it has > given access to view the website before. > > Thanks a lot again for the brief email. > > > -- > Trinath Somanchi - B39208 > [email protected] | extn: 4048 > > -----Original Message----- > From: Anita Kuno [mailto:[email protected]] > Sent: Saturday, August 09, 2014 10:21 AM > To: [email protected] > Subject: Re: [openstack-dev] [neutron] [third-party] Freescale CI log > site is being blocked > > On 08/08/2014 10:06 PM, [email protected] wrote: >> Hi Sumit- >> >> When I try to paste a large log text into paste.openstack, It is giving me >> image verification and says its spam. > Let's not confuse paste.openstack.org's spam blocker from spam blockers on > servers. They are two separate functionalities and the conversation does not > move forward if we try to pretend they are the same thing or even remotely > related, which they are not. > > If you recall, Trinath, the first server you had got hacked since you had not > hardened it appropriately. Having hosting via go daddy or any other paid > hosting service does not absolve you of the responsibility of having a well > maintained server. If you need help maintaining your server, I suggest you > contract a server administrator to advise you or do the work. We have to > assume a certain level of competence here, due to the responsibility involved > I don't think you are going to get many responses to questions if you don't > know how to maintain your server. > This isn't really the the place to ask. Running your third party ci system > and copying the logs, sure this is the place, basic server maintenance is > your responsibility. > > If you recall, a basic evaluation of your server logs told you you had been > hacked the last time. This might be a place to start now. > > In any case, please maintain your server and please address Kyle's concerns. > > Thank you Trianth, > Anita. >> >> I don't know why its taken as spam/malware. It's a paid hosting I had from >> GODADDY. >> >> -- >> Trinath Somanchi - B39208 >> [email protected] | extn: 4048 >> >> -----Original Message----- >> From: Sumit Naiksatam [mailto:[email protected]] >> Sent: Saturday, August 09, 2014 1:12 AM >> To: OpenStack Development Mailing List (not for usage questions) >> Subject: Re: [openstack-dev] [neutron] [third-party] Freescale CI log >> site is being blocked >> >> Actually I am able to access the logs in this CI over the internet >> and through my service provider. I have copy-pasted the log from the >> latest freescale run here (to validate if this is indeed the latest >> run): >> http://paste.openstack.org/show/92229/ >> >> But good point Kevin, when I was trying to post this on paste, it did >> complain about the log text appearing like spam. >> >> On Fri, Aug 8, 2014 at 10:58 AM, Kevin Benton <[email protected]> wrote: >>> Does your log server allow anonymous uploads that caused it to host >>> malware or something that led to it being blocked? >>> >>> >>> On Fri, Aug 8, 2014 at 7:12 AM, Kyle Mestery <[email protected]> wrote: >>>> >>>> Trinath: >>>> >>>> In looking at your FWaaS review [1], I noticed the site you are >>>> using for log storage is being blacklisted again, at least by Cisco >>>> WSA appliances. Thus, I cannot see the logs for it. Did you change >>>> the location of your log storage again? Is anyone else seeing this issue? >>>> >>>> Thanks, >>>> Kyle >>>> >>>> >>>> [1] https://review.openstack.org/#/c/109659/ >>>> >>>> _______________________________________________ >>>> OpenStack-dev mailing list >>>> [email protected] >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>> >>> >>> >>> >>> -- >>> Kevin Benton >>> >>> _______________________________________________ >>> OpenStack-dev mailing list >>> [email protected] >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>> >> >> _______________________________________________ >> OpenStack-dev mailing list >> [email protected] >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> _______________________________________________ >> OpenStack-dev mailing list >> [email protected] >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> > > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
