On March 08, 2011, a security breach was discovered on the TAPoR portal. The TAPoR portal was recently moved from the University of McMaster to a dedicated node on the WestGrid High Performance Computing Cluster at the University of Alberta. The system is running the release 5.5 of CentOS operating system.
On the TAPoR machine firewalls had been configured to address security concerns but SSH login from remote machines had been enabled to obtain service from external developers during the migration of the portal from McMaster to Alberta. This option was misused by two hackers on March 02 (one from Missouri, US and the other from Italy) who managed to get into the TAPoR server and started brute-force attacks from there on to other servers around the world. As soon as we identified the breach, we addressed it by reinstalling a clean version of the operating system and all other legitimate software, followed by implementing a more tightened security policy. The current policy allows only SSH-key based authentication and permits ssh access to the TAPoR server only from machines that are in the university network. The system is now running smoothly and no user data had been affected by the problem.
