On Tue, 22 Feb 2005 21:43:20 EST, cate serino <[EMAIL PROTECTED]> wrote: > After only having my server up for a few hours and to a state that I > thought was fairly secure, I got hacked with what I think is a man in the > middle attack. Other than turning off ports (telnet, ect.), changing > root passwords, and editing the hosts.allow and hosts.deny files, what > can I do to secure my server.
What you can do is monitor it actively. Login. Take a look. Find out what's going. The worst security error I've seen is not paying attention. People wonder where the attacks came from and then they look in their logs and see that someone's been working them for months. If you need help securing it, try Bastille. It will help you button things up. Until then, unplug from the Internet. http://www.bastille-linux.org/ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
