Today for the fourty millionth time I get a email saying that somone tried a brute force attack on my linux server, and when i checked, sure enough I had a trojan installed.
I'm *REAL* fed up with this. Like up to here (hand above head)
I want to lock down my box, nobody on the IRC wants to talk...
I made these keys but I honestly dont know how to make this work.
I'm literally stumped. I'll try playing around some more.
b
SSH keys won't help you from a brute force attack. Good passwords, updates/patches, and iptables will though. That being said, here is a good write up on them:
http://pkeck.myweb.uga.edu/ssh/
-Aaron
Yeah I need a mail server fairly quickly.
b
Hey Britt, have you heard what Google is doing with hosted mail? I'm not talking Gmail, I'm talking a beta program they have for domain-based email. I got an invite from them and am evaluating it.
I manage Exchange mail servers for most of my larger clients and am not looking to move away from that for serious business accounts, but this new Google thing is worth looking at. They manage the mail server completely, but the accounts are all at YOUR domain. Do some searching on it. If you're interested, I'll try and help you get an invite to the program.
That woudl be awesome
Ive had it with Linode.
I love linux, but they just screwed up big. Let me know what you come up with.
Here I am thinking my passwords suck and its MY fault that im getting hacked only after a couple of days, and come to find out its Linode's fault.
Please let me know.
b
Start https://www.google.com/a/. Let me know if you hit a dead end accompanied with verbage about needing an invitation.
OK im in, I have to make a MX record pointing where?
Andy I own stock in MS,
I still will never own a MS box, I have my reasons.
The issue with MANAGED HOSTING and VIRTUAL HOSTING, is that security issues with one sector of a server messes with another, so I could be getting attacks from inside of the data center.
I dont want to go into why I like Linux, I just think MS could be doing a better job.
Did you catch the patch for the patch for the problem MS released recently?
Its like those damn service stations, go in for a check engine light and come out needing a O2 sensor replaced, and then coming back out needing the MAP sensor replaced
This isnt an issue of OS.
Honestly im not pissed, I lost about ten customers I had saved in my email with contact info, so figure about 700 bucks tubed.
Andy I dont wish to make this an issue of 'which OS is better'
I'd rather just stick to solving problems.
And Andy, if teh software writers FOLLOWED MICROSOFT GUIDELINES when writing software, there would be VERY LITTLE security holes to patch.
But to be cheap, people cut corners and such, bc time is money....
With linux its more of a labor of love, unless you go with paid distributions....
b
Crap that assumes I have email functioning
I think you can answer this debate by tabulating the results of who uses Linux and who uses Microsoft solutions. Maybe I'm bubble boy, but in my circles, the big time companies use Microsoft solutions many many more times than *nux. Don't get me wrong, I appreciate what Linux is about. But in the serious business world, Microsoft squishes Xnix, Xnux, etc.. Because of that, they are a huge target.
Where the Kumhos really meet the tarmac is at the ADMINS. If they are on top of their game, they can head off most of the crap because of their educated and proactive efforts. One camp has a huge team of open source genuises working on their stuff. Another has a multi-billion-dollar corporation working on theirs. Backing helps, but admins make the difference.
Andy, I do have to admit something though. I wished that Microsoft would crack down on people writing dumbass code for thier OS.
The only thing the GPL has going for them is various levels of support and depending on the writer's or developer's level of rule-following, the program is placed into different catagories
STABLE = current
TESTING
NON-FREE = doesnt follow GPL
UNIVERSE = anything goes...
b
You're right. I guess I'm looking at the overall averages. I really should have thought better before posting anything that suggested one company/technology was superior.
At any rate, props to all the really good IT managers, of all camps! That's the true fulcrum.
I wonder how many of them drive a 914? (Thus revealing their true character and intelligence. Umm, is that good?)
Im not getting involved.
It all comes down to writing GOOD SOFWARE to work with GOOD operating systems.
MS has the issue of cheap bastard companies writing software, they dont care anything about security so holes are left opened, and its up to MS to patch them.
Check out GRC.com
b
I've been running RHEL for years now and following good practices - simple things; good passwords, nightly updates, sane iptables, I have yet to have any machine I manage be compromised.
The only time we are compromised is through weak passwords, a break down in the patching system (like a full disk), or through *user error*. Most of these problems can rather easily be addressed.
Linux is fine. As with any operating system you have to think it through and follow recommended practices. I truely don't see how anyone that's not an SA can keep a box on the net these days. It's bad out there.
I'd be glad to help in anyway I can.
-Aaron
I manage several computers remotely, and if they stay offline for the most part, my job is easy.
But others.....
the face is saying MA MORE
Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)