perfSONAR User Q&A and Other Discussion

[Stefan Piperov <>]

Roderick, I'm glad your perfsonars run fine. You're obviously taking good 
care of your pets. But the other end of the spectrum should be addressed 
too:
My single perfsonar box has crashed, and had to be re-installed, more than 
the rest of the servers in the same center _combined_ over the last year! 
And was the only one that got hacked into (twice!), given the same 
treatment as the rest of the servers in that same center.

That's the reason for me to quote "vulnerability" and "disproportinate 
amount of effort to maintain".

Stefan.



On Mon, 6 Oct 2014, Roderick Mooi wrote:

> Hi,
>
> Jason and team - thanks for your efforts - going above and beyond really 
> means a lot to us.
>
> Some comments on the thread without repeating what others have said:
>
> A colleague and I maintain a deployment of 12 perfSONAR servers. We
don't have automated updating (we prefer being in control). I watch the 
mailing list closely (no need to read every email every day - just scan 
the subjects) and respond when needed (like installing the patches for 
these vulnerabilities). It was one of the first places I heard about 
bashapocalpse and shellshock. It took about 15 mins total to run and 
verify the two yum updates required for each patch. That's not too much 
to ask (and the fast notices on the mailing list meant I could do it in 
time).
> Note: the mailing list is invaluable. Someone with access to your server 
> should be watching it regularly (filtering for important subjects if needed).