Project

General

Profile

Actions

tickets #160104

closed

State of kali.i.o.o

Added by crameleon about 1 month ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Servers hosted in PRG
Target version:
-
Start date:
2024-05-09
Due date:
% Done:

0%

Estimated time:

Description

Hi,

investigation of spurious network traffic led me to kali.infra.opensuse.org. Reaching a shell through the serial console, I find the machine to have a high uptime - given the rather interesting operating system containing "rolling" in its description this is leads me to believe no updates were recently installed either.
The last login was in November (which was probably myself when I changed the IP address during the DC migration).

Since this machine is not enrolled in Salt, does not seem to have any services for automatic maintenance configured, and is not running an up to date operating system, I think of it to be in violation with our infrastructure policy: https://en.opensuse.org/openSUSE:Infrastructure_policy.

Please advise if the issues can be mitigated or if the machine should be decommissioned.

Thanks!
Georg

Actions #1

Updated by cboltz about 1 month ago

The idea was to have an easy way to scan the infrastructure for security issues etc.

Looking at the last login date you mentioned, obviously nobody does that, which makes the kali VM somewhat superfluous. Personally, I don't have any objections against shutting it down.

However, see https://progress.opensuse.org/issues/114860 comment 2 (from two years ago, I'm not sure if it's still valid).

Actions #2

Updated by lrupp about 1 month ago

I was using kali in the past to check the vulnerability of our infra.o.o network.

As this is handled differently today and I stepped back from the heroes long time ago, I guess that this machine just fell of the radar.

Feel free to decommission the machine.

Note: If you like to keep some old security reports, feel free to backup the postgresql database (used by openVAS) - but IMHO it does not make much sense, after all the recent changes.

Actions #3

Updated by crameleon about 1 month ago

  • Status changed from New to In Progress
  • Assignee changed from lrupp to crameleon
  • Private changed from Yes to No

Thank you both for the input! Good to know about the history. I will proceed to decommission it.

https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/1841

Actions

Also available in: Atom PDF