On Thu, 27 Mar 2008 11:54:55 +0100 (CET) "ThomasP" <[EMAIL PROTECTED]> wrote:
> after a recent break-in into my server I'm wondering how I can > better protect my "machine" (a virtual server actually) against > this happening again. Sorry to hear about that. If this is not the first time, it means that "your setup" is "not right". A. You haven't told us what's your setup. B. You haven't told us how they broke in. 1. The OS must be properly configured either MS, Linux or BSDs, and yes they can be configured to be very secured. 2. For Pmwiki take a look at: http://www.pmwiki.org/wiki/PmWiki/Security as a starting point. > At this opportunity the idea of having a centralized blacklist > server for attacking IPs (similar to the spam blacklists, but > also with their disadvantages) came once again to my mind. Would > there be an interest/ does it make sense to have something like > this realized? Not really. A good server and good implementation MUST survive in the wild by itself. Actually, I doubt that it was 1 person that attacked you, unless you have some personal enemies. It's much more likely that it was a bot, and for those the IP addresses are useless, because they infect other computers/IPs. -- Thanks http://www.sqlhacks.com The SQL Server knowledge base _______________________________________________ pmwiki-devel mailing list pmwiki-devel@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-devel
