On Fri, 22 Aug 2003, Keith wrote:
Firewalls are your friend. These days they are so cheap, even for home
use, that there is no reason not to have one. It is in your best
interest to have one, set up an inbound default policy of DENY for at
least all priveledged ports and only open up those
Good advice but do you know of any of the cheaper home units (SMC,
Netgear, Siemens, Dlink, Linksys etc..) that can actually be configured
with default DENY?
Yes. The Linksys routers are default deny. You must specifically say
what ports are allowed in.
Everyone I have seen is default
* Yuser [EMAIL PROTECTED] [26/08/2003 1717EDT]:
On Fri, 22 Aug 2003, Keith wrote:
Firewalls are your friend. These days they are so cheap, even for home
use, that there is no reason not to have one. It is in your best
interest to have one, set up an inbound default policy of DENY for at
On 26 Aug 2003 at 12:04, Mark Pettit wrote:
There is no consumer-level product that will do that.
I know, that was my wishlist!! It would be nice though. I will look
into the Linksys.
However, Linux
iptables can do most, if not all, of what you are asking for. And
they can be set up
Sent: Friday, August 22, 2003 2:38 PM
To: [EMAIL PROTECTED]
Subject: RE: [luau] RH 9 server hacked -- what went wrong?
Thanks, everyone, for sharing your comments.
No, this box was not firewalled, nor had I applied any security patches.
I had every intention of doing so, I just didn't realize
Hi all,
I just recently set up a RH 9 sever (less than a week ago), and it has
already been hacked. I know I'm going to have to reinstall, but I was
hoping to find out what vulnerability was exploited so it doesn't happen
again next time. I don't think any passwords were cracked. They must
I have to wonder if, after installing the server, you made certain that
you ran up2date or apt-get (if you installed apt) to update all the
packages. What services did you have running? Was the machine
firewalled?
--scott
On Friday, August 22, 2003, at 09:33 AM, Rob Bootsma wrote:
Hi
Bootsma
Sent: Friday, August 22, 2003 9:33 AM
To: [EMAIL PROTECTED]
Subject: [luau] RH 9 server hacked -- what went wrong?
Hi all,
I just recently set up a RH 9 sever (less than a week ago), and it has
already been hacked. I know I'm going to have to reinstall, but I was
hoping to find out what
* Rob Bootsma [EMAIL PROTECTED] [22/08/2003 1533EDT]:
Hi all,
Aloha.
I just recently set up a RH 9 sever (less than a week ago), and it has
already been hacked. I know I'm going to have to reinstall, but I was
hoping to find out what vulnerability was exploited so it doesn't happen
again
On Fri, 2003-08-22 at 10:27, Keith wrote:
Firewalls are your friend. These days they are so cheap, even for home
use, that there is no reason not to have one. It is in your best
interest to have one, set up an inbound default policy of DENY for at
least all priveledged ports and only open up
chkconfig --list | grep 3:on
will reveal better results. Init3 is the run level you want to
concentrate on.
Rob, would you mind sharing the IP of your cracked box before you blow it
away? i'm sure at least one of us wouldn't mind running nessus against it
:)
-ho'ala
Keith said:
Another
On Fri, Aug 22, 2003 at 09:33:08AM -1000, Rob Bootsma wrote:
So my question is, how did they get root? Well, I guess they
used this rootkit, but how did they manage to install that?
Where is the vulnerability? If anyone has any suggestions
of what to look for before I wipe out this box, it
On Fri, Aug 22, 2003 at 11:26:25AM -1000, Ho'ala Greevy wrote:
chkconfig --list | grep 3:on
will reveal better results. Init3 is the run level you want to
concentrate on.
Respectfully, I disagree. You want to reduce the running services
on all your runlevels. Most of the RH installations
server hacked -- what went wrong?
Hi all,
I just recently set up a RH 9 sever (less than a week ago), and it has
already been hacked. I know I'm going to have to reinstall, but I was
hoping to find out what vulnerability was exploited so it doesn't happen
again next time. I don't think any passwords
* Warren Togami [EMAIL PROTECTED] [22/08/2003 1850EDT]:
[...]
I like RH but they have a habbit of enabling nearly every service by
default.
Eh? This has not been true for years now.
I stand corrected! Although I believe a safer default is to have most
-- if not all -- services off
15 matches
Mail list logo