hey man
Hey man! How are you? ... Well, I'll try to help you even though I really don't know the environment you are running ...
First of all ... I'm periodically reading security mailing lists cause I work developing exploits and I didn't notice any existing bug lately on eggdrop ... so if you are right and they hacked you that way ... well, it's surely a 0day exploit, which means you won't have a patch available so it may happen again! ...
But don't get crazy, you may still protect yourself from these attacks ... or at least make them 10 times worse to exploit a vulnerability ... and here is what you can do:
I don't know which operating system you are running ... but I'll try to help you on almost all I know:
If you are running OpenBSD, the latest versions, and you got hacked with all their security features enabled ... well ... just assume you don't own that machine any more, cause the one who did it really knows what he is doing ...
If you are running a Linux server, try Fedora 2 ... enable all its security features ... to be more specific: apply PaX (this is a kernel-level patch which brings you a lot of security enforcements which almost make a bug unexploitable ...) ... Try also the grsecurity patch ... this patch is really useful if you know what you are doing ... you can prevent specific applications from executing specific syscalls ... for example ... if you are running an Apache server, you know it won't bind to a port except the one it uses to listen for the HTTP requests ... well ... you can enforce this type of thing ...
So basically ... what you can do to be almost sure you won't be hacked again if you don't know very much what you are doing: install the PaX and grsecurity patches, or enable all Fedora security options (at the moment, the most secure Linux distribution) ...
If you are running a Windows system ... I really don't know this platform very much, but I think there is nothing like PaX on Windows, so I suggest moving to Windows 2003, which has some of these security enforcements ... I also would install some sort of IDS like snort to at least detect what they are exploiting; check in your logs if you have any SIGSEGV reported by any application, on Windows this is called ACCESS VIOLATION I think ...
Well, that's all I can think of with the information I have, I just gave you some general security enforcements ... if you could give us more information, maybe I could help you more, just drop me a PM and I will help you if I can ... goodbye man, and good luck with that fucking bastard :p ...
/s
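Added example, not part of the original post: one way to do the log check suggested above on a Linux host, assuming the x86 kernel's `segfault at ... ip ... sp ... error ...` log line format. The sample lines, the `repeat_threshold` value and the flag names are constructed for illustration; a fault on instruction fetch is the trace a non-executable-memory protection such as PaX leaves when a process jumps to a bad address.

```python
import re
from collections import defaultdict

# Constructed sample lines in the Linux x86 kernel segfault format (not from the post).
SAMPLE_LOG = """\
Jun 12 03:14:07 box kernel: eggdrop[2211]: segfault at 41414141 ip 41414141 sp bffff3c0 error 14
Jun 12 03:14:09 box kernel: eggdrop[2230]: segfault at 41414141 ip 41414141 sp bffff3c0 error 14
Jun 12 03:15:40 box kernel: eggdrop[2262]: segfault at bffff000 ip 0804c1d2 sp bfffe9f0 error 6 in eggdrop[8048000+9a000]
Jun 12 09:02:11 box kernel: httpd[901]: segfault at 0 ip b7e3a1c4 sp bf9d2a10 error 4 in libc-2.3.3.so[b7dd0000+12a000]
Jun 12 09:02:12 box sshd[1200]: Accepted publickey for admin from 192.0.2.10
"""

# Program name, pid, faulting address, instruction pointer, stack pointer, error code (hex).
SEGV = re.compile(
    r"kernel: (?P<comm>[^\[\s]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[)?")

def parse(log):
    """Return one dict per kernel segfault line; all other lines are ignored."""
    events = []
    for line in log.splitlines():
        m = SEGV.search(line)
        if not m:
            continue
        e = m.groupdict()
        for key in ("addr", "ip", "sp", "err"):
            e[key] = int(e[key], 16)
        e["ifetch"] = bool(e["err"] & 0x10)  # x86 page-fault bit 4: instruction fetch
        events.append(e)
    return events

def triage(events, repeat_threshold=3):
    """Group crashes per program and flag the patterns worth a closer look."""
    by_comm = defaultdict(list)
    for e in events:
        by_comm[e["comm"]].append(e)
    report = {}
    for comm, evs in by_comm.items():
        flags = []
        if len(evs) >= repeat_threshold:
            flags.append("repeated")    # same service crashing again and again
        if any(e["ifetch"] or e["addr"] == e["ip"] for e in evs):
            flags.append("exec-fault")  # CPU tried to run code at a bad address
        pids = sorted({int(e["pid"]) for e in evs})
        report[comm] = {"crashes": len(evs), "pids": pids, "flags": flags}
    return report
```

Run `triage(parse(open("/var/log/messages").read()))` on a real log; the path differs between distributions.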