Present: iang, virtual-matthias-G

Zentrix hacked again and again …

• Zentrix VM got hacked last friday night.
• Cleanup lasted minutes and it was hacked again by monday.
• vector of attack was either mod_perl or mod_php, no clarity on this point
• PHP was opened up again last September.
• Only active sysadms now have access, and new security policy is in place.
• subik moving dns to new VM with assistance from FF’s Wolfgang
• subik will solve ldap domains change problem.