Hacking Prevention In The Future...

EnisadaEnisada Edmonton Member
edited June 2003 in Community
This is a question to the mods and the new host of Icrontic. I was wondering if there is going to be some implemention of anti-hacking hardware/software for this new version of Icrontic. I hope that this Icrontic doesn't face the same fate as the last one.

Enisada

Comments

  • kanezfankanezfan sunny south florida Icrontian
    edited June 2003
    it's not that they got hacked so much as they didn't keep backups. if you get hacked and have proper backups, you can be back online in maybe 1-3 hours, on a new install of the latest OS or whatever. the team that's in charge now is very capable, I'm sur they've got measures in place. why do you ask? a bit of social engineering perhaps? trying to find out what they've done to secure the place? are YOU the next icrontic h4x0rz?
  • ElectusUnumElectusUnum
    edited June 2003
    lol kanez,
    "WITCH! WITCH"

    /me starts looking for his Monty Python tape
  • RobRob Detroit, MI
    edited June 2003
    We have enough knoledgeable people here to maintain a machine. I have no clue on what happened before, and I dont care to. But I do know the people involved now are competent, and I'm availble but probably not needed.

    Odds are, it was a lame script kiddy. Someone smart enough to really 'hack' usually can find a more fulfilling thing to do than a forum. And the 'real hackers' I know use there powers for good, writing patches and advising to security alearts. Most real hackers would have contacted there victim and claimed there prize publiclly. They want credit for it. Usually, alerts go out to the community from hackers, then scum and script kiddies pick on vulnerabilitys already known and never patched.
  • EnverexEnverex Worcester, UK Icrontian
    edited June 2003
    Mort just basically didnt keep backups before, and what he told the others to backup was just the wrong thing anyway, which is why there was nothing to restore.

    "Look, shes got a big nose!!"

    NS
  • EnisadaEnisada Edmonton Member
    edited June 2003
    No I don't believe I can hack. But no matter as long as we got the backups running smooth we should be good then. I suppose change is good. We'll shall see when everything is up to speed....

    Enisada
  • trippintrippin Chatt, TN
    edited June 2003
    When citrix gets back I can configure the dedicated db server which has a tape drive in it, then we will have some nice tape rotation and keep detailed backups. Im pretty sure mortin didnt care about the server and was running a very old version of redhat linux which was full of holes. We are running the latest release of freebsd (4.8). Im working on the firewall so we should be pretty secure, and i keep my eye out for major security announcements as to keep the server from becoming vulnerable.
  • dydxdydx Cymru, UK
    edited June 2003
    What 'sploit did they use on the old icrontic?

    mD
  • kevin
    edited June 2003
    Originally posted by trippin
    When citrix gets back I can configure the dedicated db server which has a tape drive in it, then we will have some nice tape rotation and keep detailed backups. Im pretty sure mortin didnt care about the server and was running a very old version of redhat linux which was full of holes. We are running the latest release of freebsd (4.8). Im working on the firewall so we should be pretty secure, and i keep my eye out for major security announcements as to keep the server from becoming vulnerable.
    yeah, trippins on the job. one thing i couldnt help but reccomend...openbsd...how many security flaws have they had in the last 10 years? eh? then again, freebsd works nicely (in my limited experience with it...)
  • trippintrippin Chatt, TN
    edited June 2003
    www.openbsd.org
    Only one remote hole in the default install, in more than 7 years!

    I doubt that many attacks (in the *nix world) come from holes in the default install. If you chose by default to install freebsd there are not any servers running. Any vulnerability will be in the web server, ftp, or ssh. Im working on only letting those who need access to ftp and ssh be able to connect on those ports. If someone did hack into apache, they would find them self all alone as the user nobody. So, I would say the server is pretty safe, but no server is invulnerable to attack.
  • kevin
    edited June 2003
    I've been thinking of an idea....tell me if it sounds redundant or foolish:
    SSH Access to select few, and for ftp access get another colocated server box with ftp access and have the people with ssh access go into the secondary box and grab shit via ftp....so the main server is never running ftp? well? redundant? i would say so.
  • trippintrippin Chatt, TN
    edited June 2003
    Kevin, makes not sense. Ssh is going to be given only to select few, but we have to have a way to let people upload file and make changes ot the site, but we can just do the same w/ ftp as ssh.
Sign In or Register to comment.