I think it's closer to considering an attack on your box car theft. You left the window open, so someone opened the door, came in and messed with your radio stations and stole the change from the tray. (I'm not really sure what the damages were in your case).
Is it not your own fault for leaving the window open? Maybe you forgot to close it, or didn't realize it was open. Either way you're responsible for securing your car. You probably just never though you'd be hacked because you have nothing worth stealing (not saying that you have nothing worth stealing, but this is how a lot of people think). Unfortunately there are script kiddies out there, and more hardened criminals that might be interested in just messing around, or stealing bandwidth (we were hacked once and they set up a warez ftp server). So if you have a firewall, please, please close off any unnecessary ports. Change all the default ports and usernames (except things like http/https of course). It might be a bit annoying to use at first, but you get used to it, and it's a small price to pay for security. Russ > -----Original Message----- > From: Don L [mailto:[EMAIL PROTECTED] > Sent: Friday, February 15, 2008 6:24 PM > To: CF-Talk > Subject: Re: OT - Box has been attacked by cowboy > > No, no, no, I wasn't looking for someone to blame, consider the attack on > my box yesterday as a "car accident" as someone has so vividly alluded to, > well, someone was saying, hey, why were you on road, I have the right to > hit your car even if you're following traffic rules? > > Yes, I do have knowledge about server security, however, as I mentioned, > it's also involved with Opportunity Cost, but yes indeed, there's neglect > from my own part, I'm not consistent enough in enforcing security for the > box. Thanks for your time and the pointers. > > >I realized that this last post seemed harsh, so I thought I'd clarify. My > >point is that since you're in the middle of this, there's better things > to > >do than assess blame. > > > >I understand that you're upset and frustrated, but looking to point the > >finger to blame will not lead to anyone but yourself and that's not going > to > >help you deal with this. > > > >If you desperately need to keep the server online, a quick fix is a small > >home based router / firewall that can hold you through while you sort > this > >out. They're built to be easy to configure via browser and generally you > can > >get them for quite cheap. > > > >Configuring it would be much easier than trying to learn how to console > into > >a Cisco Pix... > > > >If you don't need it up, than take it down immediately so that you don't > >cause the same grief to others online. > > > >!k > > > >I'm unsure if it's 'your' server or a company that you work for, but if > you > >don't know something, ignoring the problem doesn't constitute a solution > and > >sure isn't a justifiable excuse. > > > >And you don't need to be an expert at security to handle this, because > there > >are experts that tell you how to do it for free, including the companies > / > >organizations that build the software you run. > > > >http://www.google.com/search?hl=en&q=how+to+secure+a+windows+server&meta= > >http://www.google.com/search?hl=en&safe=off&q=how+to+secure+a+SQL+server > >http://www.google.com/search?hl=en&safe=off&q=how+to+secure+a+mysql+serve > r > >http://www.google.com/search?hl=en&safe=off&q=how+to+secure+an+apache+ser > ver > >http://www.google.com/search?hl=en&safe=off&q=how+to+secure+an+IIS+server > >http://www.google.com/search?hl=en&safe=off&q=how+to+secure+a+mail+server > > > >!k > > > >..... > > > >Here's the thing, if I were a security professional, would I be in a > better > >position to attack and/or defend my machine or any machines for that > matter? > > > >Given the opportunity cost, could any of us be all and being experts in > all? > > > >A clear and difficult challenge. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:299170 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
