On Tue, Jan 4, 2011 at 12:09, Shibu Nair <[email protected]> wrote:
> Dear friends, > > Our website www.thanal.co.in which is created with joomla got hacked. It > says hacked by devHack.us. > What is this? hope to get some info on this and precautions for future > > shibu Well, right now I am behind a proxy and couldn't manage to get much of your details. 1. But its better that you make your system installed with any light weight linux. Backup it ASAP and re-install. If you are on VM then its okay. 2. Create a new user with bare minimum access to essential binaries. 3. Statically compile the libc. 4. Monitor and sandbox the permission of the user. 5. Make sure you have a web server which is "considered" safe. Apache is quite heavy for its purpose. Lightweight http servers are there. 6. You should know well to configure the web server. This would be something that you would be knowing knowing better as you are one of admin. 7. Regularly monitor the kernel logs. utmp and wtmp. 8. install gufw or fw. Restrict the allowed connection 9. Remove unwanted binaries from the system. 10. Once install though it may sound crazy <remove the compiler> 11. Its better that you don't put DE's like GNOME or KDE in servers. Put DE's like open-box or enlightenment. More preferred that you dont put X service at all. 12. Far better, you configure it as SE-Linux Arjun S R <[email protected]> College Of Engineering,Trivandrum <http://www.cet.ac.in/home.php> Facebook : http://www.facebook.com/Arjun.S.R Twitter: http://twitter.com/Arjun_S_R -- "Freedom is the only law". "Freedom Unplugged" http://www.ilug-tvm.org You received this message because you are subscribed to the Google Groups "ilug-tvm" group. To control your subscription visit http://groups.google.co.in/group/ilug-tvm/subscribe To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For details visit the google group page: http://groups.google.com/group/ilug-tvm?hl=en
