Printable Version of Topic

Posted by: bd1308 Sep 11 2006, 07:36 PM

Today for the fourty millionth time I get a email saying that somone tried a brute force attack on my linux server, and when i checked, sure enough I had a trojan installed.

I'm *REAL* fed up with this. Like up to here (hand above head)

I want to lock down my box, nobody on the IRC wants to talk...

I made these keys but I honestly dont know how to make this work.

I'm literally stumped. I'll try playing around some more.

b

Posted by: yeahmag Sep 11 2006, 09:04 PM

SSH keys won't help you from a brute force attack. Good passwords, updates/patches, and iptables will though. That being said, here is a good write up on them:

http://pkeck.myweb.uga.edu/ssh/

-Aaron

Posted by: bd1308 Sep 11 2006, 09:33 PM

Yeah I need a mail server fairly quickly.

b

Posted by: Rand Sep 11 2006, 10:02 PM

Hey Britt, have you heard what Google is doing with hosted mail? I'm not talking Gmail, I'm talking a beta program they have for domain-based email. I got an invite from them and am evaluating it.

I manage Exchange mail servers for most of my larger clients and am not looking to move away from that for serious business accounts, but this new Google thing is worth looking at. They manage the mail server completely, but the accounts are all at YOUR domain. Do some searching on it. If you're interested, I'll try and help you get an invite to the program.

Posted by: bd1308 Sep 11 2006, 10:09 PM

That woudl be awesome


Ive had it with Linode.

I love linux, but they just screwed up big. Let me know what you come up with.

Here I am thinking my passwords suck and its MY fault that im getting hacked only after a couple of days, and come to find out its Linode's fault.

Please let me know.

b

Posted by: Rand Sep 11 2006, 10:14 PM

Start https://www.google.com/a/. Let me know if you hit a dead end accompanied with verbage about needing an invitation.

Posted by: SirAndy Sep 11 2006, 10:18 PM

get a windows box!

haha, oh man, i've been waiting to say that ...

hail to the OS without hackers and viruses! or not ...


will people ever realize that the amount of viruses and hack-attacks is directly proportional to the exposure/marketshare of the targeted OS?
Andy

Posted by: bd1308 Sep 11 2006, 10:19 PM

OK im in, I have to make a MX record pointing where?

Posted by: Rand Sep 11 2006, 10:26 PM

They should send you an email that explains how to log in to the control panel, configure the DNS/MX records, etc.

Posted by: bd1308 Sep 11 2006, 10:30 PM

Andy I own stock in MS,

I still will never own a MS box, I have my reasons.

The issue with MANAGED HOSTING and VIRTUAL HOSTING, is that security issues with one sector of a server messes with another, so I could be getting attacks from inside of the data center.

I dont want to go into why I like Linux, I just think MS could be doing a better job.

Did you catch the patch for the patch for the problem MS released recently?

Its like those damn service stations, go in for a check engine light and come out needing a O2 sensor replaced, and then coming back out needing the MAP sensor replaced

This isnt an issue of OS.


Honestly im not pissed, I lost about ten customers I had saved in my email with contact info, so figure about 700 bucks tubed.

Andy I dont wish to make this an issue of 'which OS is better'

I'd rather just stick to solving problems.

And Andy, if teh software writers FOLLOWED MICROSOFT GUIDELINES when writing software, there would be VERY LITTLE security holes to patch.

But to be cheap, people cut corners and such, bc time is money....

With linux its more of a labor of love, unless you go with paid distributions....


b

Posted by: bd1308 Sep 11 2006, 10:32 PM

Crap that assumes I have email functioning

Posted by: Rand Sep 11 2006, 10:36 PM

I think you can answer this debate by tabulating the results of who uses Linux and who uses Microsoft solutions. Maybe I'm bubble boy, but in my circles, the big time companies use Microsoft solutions many many more times than *nux. Don't get me wrong, I appreciate what Linux is about. But in the serious business world, Microsoft squishes Xnix, Xnux, etc.. Because of that, they are a huge target.

Where the Kumhos really meet the tarmac is at the ADMINS. If they are on top of their game, they can head off most of the crap because of their educated and proactive efforts. One camp has a huge team of open source genuises working on their stuff. Another has a multi-billion-dollar corporation working on theirs. Backing helps, but admins make the difference.

Posted by: bd1308 Sep 11 2006, 10:38 PM

Andy, I do have to admit something though. I wished that Microsoft would crack down on people writing dumbass code for thier OS.

The only thing the GPL has going for them is various levels of support and depending on the writer's or developer's level of rule-following, the program is placed into different catagories

STABLE = current
TESTING
NON-FREE = doesnt follow GPL
UNIVERSE = anything goes...


b

Posted by: Chris Hamilton Sep 11 2006, 10:58 PM

Then again we do have small-time companies like yahoo and google using *nix.

Posted by: Rand Sep 11 2006, 11:01 PM

You're right. I guess I'm looking at the overall averages. I really should have thought better before posting anything that suggested one company/technology was superior.

At any rate, props to all the really good IT managers, of all camps! That's the true fulcrum.

I wonder how many of them drive a 914? (Thus revealing their true character and intelligence. Umm, is that good?)

Posted by: bd1308 Sep 11 2006, 11:07 PM

Im not getting involved.

It all comes down to writing GOOD SOFWARE to work with GOOD operating systems.

MS has the issue of cheap bastard companies writing software, they dont care anything about security so holes are left opened, and its up to MS to patch them.

Check out GRC.com

b

Posted by: yeahmag Sep 11 2006, 11:15 PM

I've been running RHEL for years now and following good practices - simple things; good passwords, nightly updates, sane iptables, I have yet to have any machine I manage be compromised.

The only time we are compromised is through weak passwords, a break down in the patching system (like a full disk), or through *user error*. Most of these problems can rather easily be addressed.

Linux is fine. As with any operating system you have to think it through and follow recommended practices. I truely don't see how anyone that's not an SA can keep a box on the net these days. It's bad out there.

I'd be glad to help in anyway I can.

-Aaron

Posted by: bd1308 Sep 11 2006, 11:17 PM

I manage several computers remotely, and if they stay offline for the most part, my job is easy.

But others.....

Posted by: bd1308 Sep 11 2006, 11:18 PM

the face is saying MA MORE

Posted by: SirAndy Sep 12 2006, 12:56 AM

i guess the point i was trying to make was lost on you ...
please re-read my previous post.

to put it in simple words, there is no such thing as a "better" OS. different, yes. better, no. they *all* have their good parts and their not so good parts.

like i said, the amount of "outside" crap you have to deal with is directly proportional to the marketshare of the OS and has nothing to do with quality (or lack of) ...

if you're a hacker, would you go trough all the trouble and time (and the possiblity of a lot of jail-time) to write a virus for a OS that no-one uses?
probably not ...

and anybody who says that Mac's don't crash obviously has never used his even close to it's potential.
but at least the little bomb with the lit fuse was more creative than the blue screen of death on windows.
and as any good unix sys-admin can assure you, those very long overnight hours weren't just spent watching that box run smoothly either ...

Andy <-- who's sitting in front of a WinXP box browsing the clubsite, WinSCP3ing and VNC'd into a linux box across the room compiling some c-libraries and setting up a tomcat webservice while setting up a compaq win2000 server that's sitting on my desk while FTP-ing onto another win2000 server at the colo to do some software upgrades and VNC'd into a WinNT server at the colo to figure out a memory leak related to the PHP runtime and at the same time WinSCP3-ing to another Linux server in boise through a cisco VPN client ...