In early October 2011 we discovered that the School of Informatics SSH service had been seriously compromised. Since that time our Computing Team has been working very hard to thoroughly investigate the circumstances of the event and provide a robust response.
As part of the response to this event we have written a detailled report. This covers the investigation and the initial
response. Furthermore, we have carried out a wide-ranging review of the design of our SSH service and made a number of proposals on how the security can be enhanced.
In the interests of helping other schools avoid experiencing the same problems we are making the report publically available. The report can be found on the DICE publications page.
It’s a fairly lengthy report, if you are not interested in the gory details of the investigation we recommend skipping to section 6 which is where the discussion and proposals section begins.