>
> > I have the GMA website's server right here next to me.  It used to run
> > Apache on Solaris, but apparently how they defaced it was a helluvalot
> > simpler than a security hole.  We had a good look and it turns out that
> > SOMEONE'S PASSWORD GOT STOLEN.  !@#!$@#%@!!!! TELNET LUSERS!!!!
>
> > Ever since I joined this company I've been wondering what the hell kind of
> > outfit we're running here...
> > Too many ignorant people with the root password. Grr...
>
> From these two posts, do we assume that root's password was stolen?

> If it is an ordinary user's password that was stolen, doing that
> kind of hack is still quite a challenge, so it must be root's
> password that the hacker got.
>
> This is a security issue, and your experience will be very
> helpful to all of us who run publicly accessible websites.
>
dunno about you guys. but, the assumption i make when i configure a
publicly accessible website is to assume that the root password can
be compromised (although, i am slowly moving some systems to sudoer
based security instead. with the root account locked up with a
reeeeeeeaaaaaaaaaaaaaalllllllllllllllllyyyyy impossible to crack root
password or not login able at all.)

there... with this assumption in mind. i have a personal firewall
configured using iptables for 2.4 and ipchains for 2.2. i only allow
my machine to be accessed from certain allowed machines. aside from
this i also have tcp wrappers configured for the other things i have
missed.

there is no single rule for security because these crackers seem to
find a way. but, it would be good to keep a good minimum security level.

hehehe. my $0.02

--------------------------------------
William Emmanuel S. Yu
Ateneo Cervini-Eliazo Networks (ACENT)
email  :  [EMAIL PROTECTED]
web    :  http://cersa.admu.edu.ph/
phone  :  63(2)4266001-5925/5904

        "Do you believe in intuition?"
        "No, but I have a strange feeling that someday I will."
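
The layered allowlist described in the message above, sketched as an added example (not part of the original post): it generates an iptables-restore ruleset plus the matching TCP wrappers line. The addresses, port 80 for the site, and SSH on port 22 as the admin service (built with libwrap) are assumptions.

```shell
#!/bin/sh
# Added example: prints rules for review, applies nothing to the running host.
# Constructed sample allowlist (192.0.2.0/24 is a documentation range).
ADMIN_HOSTS="192.0.2.10 192.0.2.11"

# Accept only a plain dotted-quad IPv4 address, so a typo or stray shell
# text in the allowlist can never end up inside a rule.
valid_source() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# iptables-restore ruleset: INPUT drops by default, the web port (assumed 80)
# is public, and the admin port (assumed SSH on 22) is open to the allowlist only.
emit_iptables() {
    for src in "$@"; do
        valid_source "$src" || { echo "rejected source: $src" >&2; return 1; }
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT' \
        '-A INPUT -p tcp --dport 80 -j ACCEPT'
    for src in "$@"; do
        printf '%s\n' "-A INPUT -p tcp -s $src --dport 22 -j ACCEPT"
    done
    echo COMMIT
}

# Second layer: the /etc/hosts.allow line for the same hosts. It restricts
# access only when /etc/hosts.deny also denies everything else (ALL: ALL).
emit_hosts_allow() {
    for src in "$@"; do
        valid_source "$src" || return 1
    done
    echo "sshd: $*"
}

emit_iptables $ADMIN_HOSTS
emit_hosts_allow $ADMIN_HOSTS
```

The generated ruleset can be reviewed and then loaded with `iptables-restore`; keep an existing session open while testing so a mistake in the allowlist does not lock you out.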


_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]

To subscribe to the Linux Newbies' List: send "subscribe" in the body to 
[EMAIL PROTECTED]
