Hi Douglas,
Thanks for the concern. The hadoop setup that is there is currently experimental, and not
being used in production. I've been focusing on a couple of things over the last few
weeks, and just left it online.
I've shut it down now, and intend to make our eventual production version more secure.
Thanks again,
- Andrew Otto
Analytics Systems Engineer, Wikimedia Foundation
On Jul 3, 2012, at 3:17 PM, Asher Feldman wrote:
FYI
---------- Forwarded message ----------
From: Douglas Moore <douglas.moore(a)thinkbiganalytics.com>
Date: Tue, Jul 3, 2012 at 12:05 PM
Subject: SECURITY exposure issue - HADOOP
To: noc(a)wikimedia.org
Hello,
While searching for Hadoop related material on Google, I found an administrative page on
your Hadoop server, and that it is exposed to the Internet and indexed by Google.
Hadoop is not intended to run directly on the Internet so we believe this situation
represents a potential security risk to your fine organization and think you should
investigate further (and close public access to this research cluster).
Here is one of the open URLs:
http://analytics1001.wikimedia.org:50070
Please kindly acknowledge the receipt of this email.
Thanks,
--
Douglas Moore
781-454-5971
@Douglas_MA
skype: dmoore247
Douglas.Moore(a)thinkbiganalytics.com
http://www.thinkbiganalytics.com
_______________________________________________
Ops mailing list
Ops(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/ops