[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] Urgent, any security breach?
- Date: Thu, 27 Jul 2006 15:00:36 +0800 (HKT)
- From: Kwan Wing Keung <hcxckwk@xxxxxxxxxxxx>
- Subject: Re: [Condor-users] Urgent, any security breach?
We recently reported some of our observation upon installing Condor onto a
new pool of PCs. We observed the establishment of a connection using
IP address of 64.4.xx.xx via HTTPS from SVCHOST. After obtaining more
technical suggestions from the Condor Development Team, we have
conducted another thorough testing on several PCs, with and without CONDOR
installed. We found that the 64.4.xx.xx connected is always established,
and thus this is not a problem of Condor.
We are indeed very sorry for this false alarm. For your information, we
have already been very successful in porting many of our HPC users'
programs to work in our pilot Condor setup. Because of the success,
we have requested to our management in installing Condor onto most of
the other PCs in our student labs. This is why we are so conscious on the
Thanks again for the excellent Condor software and the valuable helps
that have been given.
University of Hongkong
On Mon, 24 Jul 2006, Todd Tannenbaum wrote:
At 10:19 AM 7/24/2006, Woo Chat Ming wrote:
I am in the same team as Mr Kwan. This is the answer for your short
1. The full IP that's being contacted
Sorry. I need to check this at the lab tomorrowing morning.
2. The name of the process that has the connection open
3. If you disable Condor, does this connection go away?
IP address of 64.4.xx.xx via HTTPS from SVCHOST is a well known
connection used by Microsoft Update.
If you block this connection, Condor will not care, but Microsoft
Update will likely cease to work for you.
What I do not fully understand is why this connection is active when
Condor is enabled, and not when Condor is disabled. I guess it could
be co-incidence, or it could be that Condor is using a Microsoft DLL
that no other service on your machine is using and thus it is
checking for an update to this DLL.
We'll do some investigative work here to make certain there is
nothing worrisome happening here.
Thank you for reporting / noticing,
UW-Madison Condor Project
Todd Tannenbaum University of Wisconsin-Madison
Condor Project Research Department of Computer Sciences
tannenba@xxxxxxxxxxx 1210 W. Dayton St. Rm #4257
http://www.cs.wisc.edu/~tannenba Madison, WI 53706-1685
Phone: (608) 263-7132 FAX: (608) 262-9777
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
You can also unsubscribe by visiting
The archives can be found at either