Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-23 Thread Jakob
Whenever I see someone trying the break in in the logsentry reports, I add their IP to the deny_hosts.conf file and restart ipkungfu so that the changes will take effect. maybe you want to have a look at sshdfilter http://www.csc.liv.ac.uk/~greg/sshdfilter/ jakob -- gentoo-user@gentoo.org

RE: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-23 Thread Nelson, David \(ED, PARD\)
-Original Message- From: Alan McKinnon [mailto:[EMAIL PROTECTED] Sent: 23 February 2007 07:17 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them The problem is that php enables every kid and his

Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-22 Thread Raymond Lewis Rebbeck
On Friday, 23 February 2007 3:15, Michael Sullivan wrote: I have logsentry installed on my system which sends me hourly reports about possible hack attempts on my three boxes. I use ipkungfu for my firewall. I've stuck with the default configuration for ipkungfu, except for listing each of

Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-22 Thread Alan McKinnon
On Thursday 22 February 2007, Michael Sullivan wrote:  Also, I've always heard that you shouldn't have any ports open on your machine unless you have some server bound to that port because hackers can get in through unbound open ports.  Is this true?  If so, how does it work? That sounds

RE: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-22 Thread Nelson, David \(ED, PARD\)
-Original Message- From: Alan McKinnon [mailto:[EMAIL PROTECTED] Sent: 22 February 2007 17:33 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them By far the most common attack vector is weak user

Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-22 Thread Dan Cowsill
Actually, I'd be pretty interested in what you have to rant about PHP. I run apache with php_mod installed and have the http port open. Is there a security risk I should be aware of? Thanks On 2/22/07, Alan McKinnon [EMAIL PROTECTED] wrote: On Thursday 22 February 2007, Michael Sullivan

Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-22 Thread Michael Sullivan
On Fri, 2007-02-23 at 03:49 +1030, Raymond Lewis Rebbeck wrote: On Friday, 23 February 2007 3:15, Michael Sullivan wrote: I have logsentry installed on my system which sends me hourly reports about possible hack attempts on my three boxes. I use ipkungfu for my firewall. I've stuck with

Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them

2007-02-22 Thread kashani
Dan Cowsill wrote: Actually, I'd be pretty interested in what you have to rant about PHP. I run apache with php_mod installed and have the http port open. Is there a security risk I should be aware of? It really depends on how badly the PHP application you're running has been written.