A little self promotion? Shameful cbq shameful..:) josh @ besquared
Charles Brian Quinn wrote: > On 7/27/06, Zed Shaw <[EMAIL PROTECTED]> wrote: > >> <snip> >> >> Wow, look at all those wonderful usernames I can use to hack that box. >> Now if I can just find the right server I could be in there like >> swimwear. >> > > Especially since those pesky capistrano config/deploy.rb have all the > passwords in there for you. And, with .ssh_keys on most of our boxes, > it would only take one to get 'em all! > > Our servers are constantly polled by programs searching for random > username/password combinations (the message log is filled with > attempts for common usernames), and just the other day we had some > program polling our app for FrontPage (gasp! who still uses those) > extension dlls and crazy large posting of \x000 \x000 characters to > one of our forms for buffer exploits. mongrel handled 'em fine. > Maybe it's time to move ssh up to a different port? > > It's a wild world out there y'all. ;-) > > p.s. the username on our box got cut off, it's highgroove_deploy for > all the hackers out there... > _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
