[LON-CAPA-admin] Help understanding hosting other domains' users on our access servers
Mike Budzik
mikeb at purdue.edu
Mon Oct 5 17:13:45 EDT 2015
For hosting other domains' users, we have our access nodes set to deny all
except the following (and none of the following are checked). However,
today we noticed session data files in /home/httpd/perl/tmp on one of our
access nodes that are named with another domain.
USERNAME1_binghamton_4231791afc6bb5593binghamtona6.db
USERNAME1_binghamton_4231791afc6bb5593binghamtona6.db.lock
USERNAME1_binghamton_4231791afc6bb5593binghamtona6_parms.db
USERNAME1_binghamton_4231791afc6bb5593binghamtona6.state
USERNAME1_binghamton_4231791afc6bb5593binghamtona6_symb.db
USERNAME2_binghamton_4231791afc6bb5593binghamtona6.db
USERNAME2_binghamton_4231791afc6bb5593binghamtona6.db.lock
USERNAME2_binghamton_4231791afc6bb5593binghamtona6_parms.db
USERNAME2_binghamton_4231791afc6bb5593binghamtona6.state
USERNAME2_binghamton_4231791afc6bb5593binghamtona6_symb.db
In the access log I think it looks like the users posted answers to some
problems. For example:
POST /res/binghamton/gonzales/Postlab/analysisOfBottledWaterV3.problem
HTTP/1.1" 200 44989 "
https://loncapa03.purdue.edu/res/binghamton/gonzales/Postlab/analysisOfBottledWaterV3.problem
POST /res/binghamton/gonzales/Postlab/SimultaneousAnalysis.problem
HTTP/1.1" 200 56842 "
https://loncapa02.purdue.edu/res/binghamton/gonzales/Postlab/SimultaneousAnalysis.problem
Any idea how someone from Binghamton used our server despite our access
nodes configured as they are?
Our organization is very sensitive to FERPA issues, so I'm pretty curious
about it. In this case, based on the access log I could not guess which
course the user is in. However, if the course had been named with a course
number/name, that would mean I could discover some roster data which is
covered by FERPA. What if the user used our access server to view their
grades?
What traffic goes across the other ports that LON-CAPA uses (e.g. 5663) and
is that encrypted? Is this FERPA covered data being transmitted without
encryption?
Thanks,
Mike B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.lon-capa.org/pipermail/lon-capa-admin/attachments/20151005/dffbaddd/attachment.html>
More information about the LON-CAPA-admin
mailing list