Hacker's fault.
If a managed server is hacked ... who's at fault?
Collapse
X
-
Just to clarify this point - securing /tmp with noexec is not simply a chmod permissions command - /tmp needs to be chmod 0777 or things'll start going whacky. You need to mount /tmp withOriginally posted by prodiacThe best way to protect against that is to set your /tmp dir to be noexec, and link your other tmp directories there as well.
So not only do you always want to make sure you have the latest updates of all scripts you are running, but you want to make sure your directory permissions are also secure, don't allow writing if it doesn't need to be. Be careful with setting stuff to 777, etc.
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
or something similar and have it constantly mounted with noexec from fstab.
For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)
All models are wrong, but some are useful. George E.P. Box. p202Comment
-
lol classic... but really, the answer is in the question, whoever's "managing" the server is at fault...Originally posted by PeachesHacker's fault.264 349 400Comment
-
How so????Originally posted by the alchemistlol classic... but really, the answer is in the question, whoever's "managing" the server is at fault...
Like scannerX said - there is not a single server out there that is unhackable. The only ones which are unhackable afrom external sources re the ones unplugged from the internet.
For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)
All models are wrong, but some are useful. George E.P. Box. p202Comment
-
archive.orgOriginally posted by Chrisi am not wanting a full 100% restore
i want one domains file restored
the domain had no scripts
just a fwe html pages and about 200 images
thats it
nothing major...fuck all my other sites ... i was getting tired of baby sitting em just one site i want backWhitehat is for chumps
If you don't do it, somebody else will - true story!Comment
-
I've written a few HOWTOs over at SplitInfinity on a few "absolute musts" to securing your server....
nothing there on firewalls, since everyone has their own flavour (you are running a firewall aren't you?)
http://forums.splitinfinity.com/forumdisplay.php?f=7
Even if your server is managed, have a looksie at the HowTo's and if there something in them that isn't implemented, ask your managed provider to get it sorted.
This list is non-exhaustive and I'll be adding to the HowTo's, esp for security as and when, so check there regularly.
Any questions, post in the forum, or hit me up on ICQ.
I also do one-off hardening configs for $100 -if interested hit me up (this includes much more extensive hardening than those HowTo's, but over time, I'll be posting pretty much all the HowTo's so you can do it yourself if you're savvy enough!)
For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)
All models are wrong, but some are useful. George E.P. Box. p202Comment
-
There's so much more then what you wrote there.
curl/fetch/wget1. EXECUTE THE FOLLOWING COMMANDS TO HELP PREVENT UPLOADS OF EXPLOITS:
chmod 0750 `which curl` 2>&-; chmod 0750 `which fetch` 2>&-; chmod 0750 `which wget` 2>&-
That's all? I can think of at least 5 more commands that would upload things, plus some 10 more ways to add it without uploading...agentGFY *at* gmail.comComment
-
Originally posted by borkedI've written a few HOWTOs over at SplitInfinity on a few "absolute musts" to securing your server....
nothing there on firewalls, since everyone has their own flavour (you are running a firewall aren't you?)
http://forums.splitinfinity.com/forumdisplay.php?f=7
Even if your server is managed, have a looksie at the HowTo's and if there something in them that isn't implemented, ask your managed provider to get it sorted.
This list is non-exhaustive and I'll be adding to the HowTo's, esp for security as and when, so check there regularly.
Any questions, post in the forum, or hit me up on ICQ.
I also do one-off hardening configs for $100 -if interested hit me up (this includes much more extensive hardening than those HowTo's, but over time, I'll be posting pretty much all the HowTo's so you can do it yourself if you're savvy enough!)
thanks for bumping this
now i am going to get 100 more icq from hosting companys wanting to sell me shit
fuck.Comment
-
lol - sorry!Originally posted by Christhanks for bumping this
now i am going to get 100 more icq from hosting companys wanting to sell me shit
fuck.

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)
All models are wrong, but some are useful. George E.P. Box. p202Comment
-
As it says - it HELPSOriginally posted by ladidaThere's so much more then what you wrote there.
curl/fetch/wget
That's all? I can think of at least 5 more commands that would upload things, plus some 10 more ways to add it without uploading...
Adult websites are the most targetted sector. This was just a start to get a comprehensive security list together to help others.
So, hey, do us all a favour and add things to the threads I created

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)
All models are wrong, but some are useful. George E.P. Box. p202Comment
-
i'm actually responsible, i'll try not to let it happen again.
http://candydreams.com
info[at]candydreams[dot]comComment
-
It depends to your level of management, but really, it's usually not directly applicable to the host.
For instance, if you are paying for a colocated server - most sites will install the basic OS, give you your IP list, and your root password. From there, it's all yours.
However, if you are paying for a managed host, you really need to see what their level of support is. Most 'managed' will monitor HTTP and do basic support, but not that many offer upgrades or updates beyond your initial install - some of them aren't even aware that they should update the OS, being that DirectAdmin/CPanel have the ability to update their specific Apache 1.3/PHP/etc support tools.
The closest experience to a fully managed system I've actually had was through a non-adult service, ICDSoft. They actually scanned all clients, and alerted those with phpBB2 to ensure they ran updates. It was surprising, being how cheap their services were. However, they DO NOT do adult, and I don't believe that they offer anything other than shared accounts at this time.
Sorry to hear you got hacked. It'd be interesting to know how they got in.Comment
-
Um, i was more pointing to the fact that you did a "half job", and when security is the concern, that does more harm, then helps. If you're gona cover one subject, cover it completelly, don't write half of it, because i can assure you, 70% of webmasters are gona read that, do what you said and think "okay, i disabled uploads, how in the hell did he get that exploit on server", and they'll lose time searching in the wrong direction.Originally posted by borkedAs it says - it HELPS
Adult websites are the most targetted sector. This was just a start to get a comprehensive security list together to help others.
So, hey, do us all a favour and add things to the threads I created
agentGFY *at* gmail.comComment
-
Originally posted by ladidaUm, i was more pointing to the fact that you did a "half job", and when security is the concern, that does more harm, then helps. If you're gona cover one subject, cover it completelly, don't write half of it, because i can assure you, 70% of webmasters are gona read that, do what you said and think "okay, i disabled uploads, how in the hell did he get that exploit on server", and they'll lose time searching in the wrong direction.
rcp, lynx, links, scp, nc, elinks, proxy, vbox, lwp, GET will all be added to the HowTO in due time.
It's not a half-assed job. It's work in progress, fuckwit.
Now, if you want to help others to help themsleves, add to the thread goddammit. 99% of the peopel who have servers here wouldn't know what to do. It's not easy putting up easy-to-follow instructions. So I did the basics and will update as and when I have the time.
For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)
All models are wrong, but some are useful. George E.P. Box. p202Comment

AIM: GrouchyGfy
Comment