I realized that this last post seemed harsh, so I thought I'd clarify. My point is that since you're in the middle of this, there's better things to do than assess blame. I understand that you're upset and frustrated, but looking to point the finger to blame will not lead to anyone but yourself and that's not going to help you deal with this.
If you desperately need to keep the server online, a quick fix is a small home based router / firewall that can hold you through while you sort this out. They're built to be easy to configure via browser and generally you can get them for quite cheap. Configuring it would be much easier than trying to learn how to console into a Cisco Pix... If you don't need it up, than take it down immediately so that you don't cause the same grief to others online. !k -----Original Message----- From: Kevin Aebig [mailto:[EMAIL PROTECTED] Sent: Friday, February 15, 2008 2:38 PM To: CF-Talk Subject: RE: OT - Box has been attacked by cowboy I'm unsure if it's 'your' server or a company that you work for, but if you don't know something, ignoring the problem doesn't constitute a solution and sure isn't a justifiable excuse. And you don't need to be an expert at security to handle this, because there are experts that tell you how to do it for free, including the companies / organizations that build the software you run. http://www.google.com/search?hl=en&q=how+to+secure+a+windows+server&meta= http://www.google.com/search?hl=en&safe=off&q=how+to+secure+a+SQL+server http://www.google.com/search?hl=en&safe=off&q=how+to+secure+a+mysql+server http://www.google.com/search?hl=en&safe=off&q=how+to+secure+an+apache+server http://www.google.com/search?hl=en&safe=off&q=how+to+secure+an+IIS+server http://www.google.com/search?hl=en&safe=off&q=how+to+secure+a+mail+server !k -----Original Message----- From: Don L [mailto:[EMAIL PROTECTED] Sent: Friday, February 15, 2008 2:10 PM To: CF-Talk Subject: Re: OT - Box has been attacked by cowboy ...... >On the contrary, it's the only useful answer. If you have a known >vulnerability, you have to fix it. The answer may not be as simple as "put >up a firewall", but if someone from Texas was able to get to your database >server directly to change your schema, that indicates a clear problem. > >Dave Watts, CTO, Fig Leaf Software >http://www.figleaf.com/ > Here's the thing, if I were a security professional, would I be in a better position to attack and/or defend my machine or any machines for that matter? Given the opportunity cost, could any of us be all and being experts in all? A clear and difficult challenge. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:299131 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
