I don't know how experienced with admining a windows box and do not want to offend. But if you are on a win box I wrote up a little security 101 off the top of my head. It is has been a few years since I did any sys admin work so others might want to chime in on things I over looked.
- Disable the administrator account - Restrict access to remote desktop to one account with an obscure username - Make failed login attempts wait at least thirty seconds or a minute before logging in again - Run the Security Configuration Wizard (SCW) and lock down all ports, services and apps - Shut down all unneeded services. - Use ridiculous usernames and passwords. - Only allow local access (or one IP for dedicated DB) to database servers - Use an external, *hardware* based firewall - Keep everything patched and make sure you are on the security mailing lists for all third part apps, scripts and servers that you used. - Use AV, anti-spyware and anti-intrusion software And/Or get a server security suite by a reputable vender. To paraphrase: The price of a maintaining a server is eternal vigilance. On Fri, Feb 15, 2008 at 12:52 PM, Don L <[EMAIL PROTECTED]> wrote: > Yesterday around 7pm EST my box has been ruthlessly attacked (port scan > and then data/schema alternation) by 75.126.166.15, which traced to > SoftLayer Technologies, Inc. in TX. > > My course of actions: > a) prepare a law suit; > b) inform FBI. > > On b), I don't know if I should inform FBI branch in TX or just own state > or both. Evil doers must be stopped soon. > > Your thoughts would be appreciated. > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:299119 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
