Wednesday, December 17, 2014

News for OSG users with CILogon CA certificates

The OSG Security Team wants to inform that Protect Network, one of the
Identity Providers accepted by the CILogon CA, will no longer be
available after 12/31/2014. Most OSG users are getting certificate
directly via the OSG CA, however CILogon has been available as an option
for a number of years.

If you have been getting personal certificates via cilogon.org, and have
been using Protect Network to authenticate, you will no longer be able
to get new certificates after 12/31/2014.

We recommend using your home institution's Identity Provider if it is
available on the pulldown list on the cilogon.org website, get a new
certificate via the OSG CA, or else renew your current cert before the
end of the year and then seek other arrangements.

If you need help getting a certificate to replace a cilogon.org/Protect
Network certificate, please contact the security team by opening a GOC
ticket.

Some useful links:

* http://cilogon.org/osg

Kevin Hill
on behalf of the OSG Security Team

Wednesday, June 25, 2014

Warning about IPMI

The Intelligent Platform Management Interface (IPMI) is a remote management system included in many server systems. Several recent vulnerabilities in IPMI systems have been found to be remotely exploitable. It is highly recommended that any systems with IPMI be configured to not allowed access from the general internet, either by configuring a private network, or blocking access with a firewall. US-CERT recently published an alert on this as well:
http://www.us-cert.gov/ncas/alerts/TA13-207A