The other lesson is, if your server gets hacked, don't restore from a backup and reconnect the system to the network without fixing the vulnerability first :) On Aug 17, 2012 8:46 AM, "[email protected]" < [email protected]> wrote:
> Non-trivial government sites shouldn't be hosted in a shared hosting > environment. Co-location, at the very least! You don't host nation critical > data and code alongside that of random unscreened clientele in an unknown > environment governed and, allegedly, secured by a third party. That, > hopefully, goes without saying. > > Jake Markhus <[email protected]> wrote: >> >> Does anyone know who hosts them? A lot of us here have cms sites. Are >> there any lessons to be learnt here?**** >> >> ** ** >> >> *From:* [email protected] [mailto:[email protected]] *On >> Behalf Of *Simon Vass >> *Sent:* Friday, 17 August, 2012 8:24 >> *To:* Uganda Linux User Group >> *Subject:* Re: [LUG] Fwd: batulibubi ! OPM Hacked Again**** >> >> ** ** >> >> All tool believable, wonder how many other gov sites are in a poor state >> of security? This could go on a while. >> >> On Thu, 16 Aug 2012, 22:31:29 EAT, Kyle Spencer <[email protected]> >> wrote: >> >> > Unbelieveable! >> > On Aug 16, 2012 10:19 PM, "[email protected]" < >> > [email protected]> wrote: >> > >> > > ** Seriously? Who the hell is running this show? Are they all >> > > incompetent? And people chide me for suggesting incompetence should >> be >> > > rewarded with resignation... >> > > >> > > Ah well. At least it's for a good cause. >> > > >> > > Daniel Bwente <[email protected]> wrote: >> > > > >> > > > http://www.opm.go.ug/news.php >> > > > >> > > > Some needs to pull the plug on that server... >> > > > >> > > > Hacker suggests: >> > > > >> > > > "They simply restored the server from a backup :D Admin md5 --> >> > > > fa54f486d552fe114facfc3a5b6bb483" >> > > > ** <https://twitter.com/PinkNinj4>; >> > > > :( >> > > > >> > > > On Thu, Aug 16, 2012 at 12:51 PM, Victor van Reijswoud < >> > > > [email protected]> wrote: >> > > > >> > > > > Hackers with humor - lethal combination >> > > > > >> > > > > >> > > > > >> > > > > On Thursday, August 16, 2012, [email protected] wrote: >> > > > > >> > > > > > ** Full disclosure. Sweet. >> > > > > > >> > > > > > Daniel Bwente <[email protected]> wrote: >> > > > > > > >> > > > > > > Vi'atu Mbaya Sana: >> > > > > > > >> > > > > > > Username Passwords for: >> > > > > > > >> > > > > > > USE / Pepsi Cola UG / JLOS / online at Pastebin >> > > > > > > >> > > > > > > >> > > > > > > On Thu, Aug 16, 2012 at 9:43 AM, Kiggundu Mukasa >> > <[email protected]>wrote: >> > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > < a href=" >> http://www.esecurityplanet.com/hackers/anonymous-hackers-hit-ugandan-government.html >> "> >> http://www.esecurityplanet.com/hackers/anonymous-hackers-hit-ugandan-government.html >> > > > > > > > >> > > > > > > > Begin forwarded message: >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > >> > > > > > > > -- Acta Virum Probant -- >> > > > > > > > >> > > > > > > > >> > > > > > > > _______________________________________________ >> > > > > > > > The Uganda Linux User Group: http://linux.or.ug >> &g t; > > > > > > >> > > > > > > > Send messages to this mailing list by addressing e-mails >> to: >> > > > > > > > [email protected] >> > > > > > > > Mailing list archives: >> > http://www.mail-archive.com/[email protected]/ >> > > > > > > > Mailing list settings: http://kym.net/mailman/listinfo/lug >> > > > > > > > To unsubscribe: http://kym.net/mailman/options/lug >> > > > > > > > >> > > > > > > > The Uganda LUG mailing list is generously hosted by >> INFOCOM: >> > > > > > > > http://www.infocom.co.ug/ >> > > > > > > > >> > > > > > > > The above comments and data are owned by whoever posted >> them >> > > > > > > > (including attachments if any). The mailing list host is >> not >> > responsible >> > > > > > > > for them in any way. >> > > > > > > > >> > > > > > > >> > > > > > > >> > > > > > > >> > > > > > > -- >> > > > > > > >> > > > > > > /Daniel >> > > > > > > >> > > > > > > >> > > > > > > >> > > > > > > >> > > > > _______________________________________________ >> > > > > The Uganda Linux User Group: http://linux.or.ug >> > > > > >> > > > > Send messages to this mailing list by addressing e-mails to: >> > > > > [email protected] >> > > > > Mailing list archives: >> http://www.mail-archive.com/[email protected]/ >> > > > > Mailing list settings: http://kym.net/mailman/listinfo/lug >> > > > > To unsubscribe: http://kym.net/mailman/options/lug >> > > > > >> > > > > The Uganda LUG mailing list is generously hosted by INFOCOM: >> > > > > http://www.infocom.co.ug/ >> > > > > >> > > > > The above comments and data are owned by whoever posted them >> > (including >> > > > > attachments if any). The mailing list host is not responsible for >> > them in >> > > > > any way. >> > > > > >> > > > >> > > > *> > > >> > > > -- >> > > > >> > > > /Daniel >> > > > >> > > > >> > > > >> > > > >> > > _______________________________________________ >> > > The Uganda Linux User Group: http://linux.or.ug >> > > >> > > Send messages to this mailing list by addressing e-mails to: >> > > [email protected] >> > > Mailing list archives: http://www.mail-archive.com/[email protected]/ >> > > Mailing list settings: http://kym.net/mailman/listinfo/lug >> > > To unsubscribe: http://kym.net/mailman/options/lug >> > > >> > > The Uganda LUG mailing list is generously hosted by INFOCOM: >> > > http://www.infocom.co.ug/ >> > > >> > > The above comments and data are owned by whoever posted them >> > (including >> > > attachments if any). The mailing list host is not responsible for >> them >> > in >> > > any way. >> > > >> > _______________________________________________ >> > The Uganda Linux User Group: http://linux.or.ug >> > >> > Send messages to this mailing list by addressing e-mails to: >> > [email protected] >> > Mailing list archives: http://www.mail-archive.com/[email protected]/ >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> > To unsubscribe: http://kym.net/mailman/options/lug >> > >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> > http://www.infocom.co.ug/ >> > >> > The above comments and data are owned by whoever posted them (including >> > attachments if any). The mailing list host is not responsible for them >> > in any way. * >> > > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. >
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
