Examples: query, "exact match", wildcard*, wild?ard, wild*rd
Fuzzy search: cake~ (finds cakes, bake)
Term boost: "red velvet"^4, chocolate^2
Field grouping: tags:(+work -"fun-stuff")
Escaping: Escape characters +-&|!(){}[]^"~*?:\ with \, e.g. \+
Range search: properties.timestamp:[1587729413488 TO *] (inclusive), properties.title:{A TO Z}(excluding A and Z)
Combinations: chocolate AND vanilla, chocolate OR vanilla, (chocolate OR vanilla) NOT "vanilla pudding"
Field search: properties.title:"The Title" AND text
Answered
Or Is It Just The Ubuntu Official Image

Votes Newest

Answers 17


This image is used for the task pods, not the agent pod.

  
  
Posted 2 years ago

Yes

  
  
Posted 2 years ago

yes

  
  
Posted 2 years ago

"additionalInfo": { "inBytes": "438", "localPort": "9134", "outBytes": "401", "unusual": "80", "value": "{\"inBytes\":\"438\",\"localPort\":\"9134\",\"outBytes\":\"401\",\"unusual\":\"80\"}", "type": "default" },

  
  
Posted 2 years ago

During the task pod runtime

  
  
Posted 2 years ago

Would using 22.04 Ubuntu still work in the task execution?

  
  
Posted 2 years ago

This is where we saw the malicious activity

  
  
Posted 2 years ago

Important part here: Malicious IP: 165.160.15.20

  
  
Posted 2 years ago

What malicious activity?

  
  
Posted 2 years ago

For task execution? It would work, yes, however it would take longer to install, I assume

  
  
Posted 2 years ago

The task pod (experiment) started reaching out to an IP associated with malicious activity. The IP was associated with 1000+ domain names. The activity was identified in AWS guard duty with a high severity level.

  
  
Posted 2 years ago

"ipAddressV4": "165.160.15.20", "organization": { "asn": "19574", "asnOrg": "CSC", "isp": "Corporation Service Company", "org": "Corporation Service Company" }, "country": { "countryName": "United States" }, "city": { "cityName": "" }, "geoLocation": { "lat": 37.751, "lon": -97.822 } }, "remotePortDetails": { "port": 80, "portName": "HTTP" }, "localPortDetails": { "port": 9134, "portName": "Unknown" }, "protocol": "TCP", "blocked": false, "localIpDetails": { "ipAddressV4": "10.32.2.13" }

  
  
Posted 2 years ago

Are you suggesting the default "ubuntu:18.04" is somehow contaminated ?

This is an official Ubuntu container (nothing to do with ClearML), this is Very Very odd...

  
  
Posted 2 years ago

The task pod (experiment) started reaching out to an IP associated with malicious activity. The IP was associated with 1000+ domain names. The activity was identified in AWS guard duty with a high severity level.

Can you share some details? I would really like to get to the bottom of that...

  
  
Posted 2 years ago

"title": "Unusual outbound communication seen from EC2 instance i-<> on server port 80.",

  
  
Posted 2 years ago

The domain names were bogus sounding businesses

  
  
Posted 2 years ago

The task pod (experiment) started reaching out to an IP associated with malicious activity. The IP was associated with 1000+ domain names. The activity was identified in AWS guard duty with a high severity level.

BoredHedgehog47 What is the pod container itself ?
EDIT:
Are you suggesting the default "ubuntu:18.04" is somehow contaminated ?
https://hub.docker.com/layers/library/ubuntu/18.04/images/sha256-d5c260797a173fe5852953656a15a9e58ba14c5306c175305b3a05e0303416db?context=explore

  
  
Posted 2 years ago