What do you think of this? A site that boasts about all the sites they have cracked.
Amazing!
http://www.zone-h.org/it/defacements/filte...c_S0uls/page=1/
and the scary thing is some of these sites are Plesk, Cpanel!!
Full Version: Sites like this should be reported and banned
Hmmm
almost all are (lin)ux....
hp
almost all are (lin)ux....
hp
I followed the link and went in the IRC channel.
Then I asked for advice how to better secure my server.
I was on a java client so I couldn't copy and paste.
Here's what one person said....
He told me to chroot jails. He said that it would be possible for them to XSS and log in with XTERM as user nobody.
Then he recommended reading "secure servers" by O'rielly
He said that on his box he uses multiple chroot jails inside chroot jails inside chroot jails and so on. This way he said tripwire will email alert before they have time to get int he last level.
He suggested using an IDS like snort. For own networks he suggested policy based networking instead of application based networking.
He said that RS DNS bind nameservers are pretty secure.
That's about it.
I am a total newbie so please comment on his comments.
Then I asked for advice how to better secure my server.
I was on a java client so I couldn't copy and paste.
Here's what one person said....
He told me to chroot jails. He said that it would be possible for them to XSS and log in with XTERM as user nobody.
Then he recommended reading "secure servers" by O'rielly
He said that on his box he uses multiple chroot jails inside chroot jails inside chroot jails and so on. This way he said tripwire will email alert before they have time to get int he last level.
He suggested using an IDS like snort. For own networks he suggested policy based networking instead of application based networking.
He said that RS DNS bind nameservers are pretty secure.
That's about it.
I am a total newbie so please comment on his comments.
QUOTE
Originally posted by chapsrulez
http://www.2600.com
http://www.2600.com
ROFLMAO! Dude, your sig is to dang funny!! ROTFLMMFAO!!
Cajun
QUOTE
Originally posted by cmafia
ROFLMAO! Dude, your sig is to dang funny!! ROTFLMMFAO!!
Cajun
ROFLMAO! Dude, your sig is to dang funny!! ROTFLMMFAO!!
Cajun
what means ROFLMAO... ROTFLMMFAO???
Rolling On Floor Laughing My A#$ Off
Rolling On Floor Laughing My Mother F'ing A#$ Off
Rolling On Floor Laughing My Mother F'ing A#$ Off
tnks foggy
QUOTE
Originally posted by nikos
I followed the link and went in the IRC channel.
Then I asked for advice how to better secure my server.
I was on a java client so I couldn't copy and paste.
Here's what one person said....
He told me to chroot jails. He said that it would be possible for them to XSS and log in with XTERM as user nobody.
Then he recommended reading "secure servers" by O'rielly
He said that on his box he uses multiple chroot jails inside chroot jails inside chroot jails and so on. This way he said tripwire will email alert before they have time to get int he last level.
He suggested using an IDS like snort. For own networks he suggested policy based networking instead of application based networking.
He said that RS DNS bind nameservers are pretty secure.
That's about it.
I am a total newbie so please comment on his comments.
I followed the link and went in the IRC channel.
Then I asked for advice how to better secure my server.
I was on a java client so I couldn't copy and paste.
Here's what one person said....
He told me to chroot jails. He said that it would be possible for them to XSS and log in with XTERM as user nobody.
Then he recommended reading "secure servers" by O'rielly
He said that on his box he uses multiple chroot jails inside chroot jails inside chroot jails and so on. This way he said tripwire will email alert before they have time to get int he last level.
He suggested using an IDS like snort. For own networks he suggested policy based networking instead of application based networking.
He said that RS DNS bind nameservers are pretty secure.
That's about it.
I am a total newbie so please comment on his comments.
Multilevel chrooted jails ... tripwires ... methinks some people have too much time on their hands. Seems like the kind of people who will spend their whole day planning the day with their dayplanner ...
No good wearing a plastic bag over your head to prevent you from catching a cold.Of course you need to secure your server, but you got to be able to breathe.
PS. ob. topic: I agree, it is amazing that anyone will host this server. As with most of these "borderline" servers it is hosted in Eastern Europe:
QUOTE
$ nslookup zone-h.org
Name: zone-h.org
Address: 213.219.122.11
$ whois 213.219.122.11
BW whois 3.2 by Bill Weinman (http://whois.bw.org/)
Copyright 1999-2002 William E. Weinman
Request: 213.219.122.11
connected to whois.arin.net [192.149.252.43:43] ...
connected to whois.ripe.net [193.0.0.135:43] ...
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/d.../copyright.html
inetnum: 213.219.122.0 - 213.219.122.255
netname: EE-ESTPAK
descr: Serverhousing
descr: Sole 14
descr: Tallinn
descr: Estpak Data/Estonian Telephone Co
country: EE
admin-c: ET332-RIPE
tech-c: ET332-RIPE
rev-srv: dns.estpak.ee
rev-srv: dns2.estpak.ee
notify: ripe@estpak.ee
status: ASSIGNED PA
mnt-by: ESTPAK-MNT
changed: klem@estpak.ee 20010724
changed: klem@estpak.ee 20020326
source: RIPE
route: 213.219.64.0/18
descr: EE-ESTPAK-213-219-64-0-18
origin: AS3249
notify: klem@estpak.ee
mnt-by: ESTPAK-MNT
changed: klem@estpak.ee 20010109
source: RIPE
role: ESTPAK NOC
address: Estonian Telephone Co/Estpak Data Ltd.
address: Hostmasters and NOC helpdesk
address: Sole str 14, Tallinn
address: Estonia
fax-no: +372 639 1180
e-mail: abuse@estpak.ee
e-mail: ripe@estpak.ee
trouble: 24/7 phone +372 639 1082
trouble: abuse@estpak.ee
remarks: ----------------------------------------
remarks: Abuse notifications to: abuse@estpak.ee
remarks: Network problems to: noc@estpak.ee
remarks: Peering requests to: peering@estpak.ee
remarks: IPv6 peering requests to: ipv6@estpak.ee
remarks: ----------------------------------------
admin-c: KK3254-RIPE
tech-c: RIX2-RIPE
tech-c: JT82-RIPE
tech-c: AK546-RIPE
nic-hdl: ET332-RIPE
notify: ripe@estpak.ee
mnt-by: ESTPAK-MNT
changed: klem@estpak.ee 20010726
changed: klem@estpak.ee 20010904
changed: klem@estpak.ee 20020110
changed: klem@estpak.ee 20030210
source: RIPE
Name: zone-h.org
Address: 213.219.122.11
$ whois 213.219.122.11
BW whois 3.2 by Bill Weinman (http://whois.bw.org/)
Copyright 1999-2002 William E. Weinman
Request: 213.219.122.11
connected to whois.arin.net [192.149.252.43:43] ...
connected to whois.ripe.net [193.0.0.135:43] ...
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/d.../copyright.html
inetnum: 213.219.122.0 - 213.219.122.255
netname: EE-ESTPAK
descr: Serverhousing
descr: Sole 14
descr: Tallinn
descr: Estpak Data/Estonian Telephone Co
country: EE
admin-c: ET332-RIPE
tech-c: ET332-RIPE
rev-srv: dns.estpak.ee
rev-srv: dns2.estpak.ee
notify: ripe@estpak.ee
status: ASSIGNED PA
mnt-by: ESTPAK-MNT
changed: klem@estpak.ee 20010724
changed: klem@estpak.ee 20020326
source: RIPE
route: 213.219.64.0/18
descr: EE-ESTPAK-213-219-64-0-18
origin: AS3249
notify: klem@estpak.ee
mnt-by: ESTPAK-MNT
changed: klem@estpak.ee 20010109
source: RIPE
role: ESTPAK NOC
address: Estonian Telephone Co/Estpak Data Ltd.
address: Hostmasters and NOC helpdesk
address: Sole str 14, Tallinn
address: Estonia
fax-no: +372 639 1180
e-mail: abuse@estpak.ee
e-mail: ripe@estpak.ee
trouble: 24/7 phone +372 639 1082
trouble: abuse@estpak.ee
remarks: ----------------------------------------
remarks: Abuse notifications to: abuse@estpak.ee
remarks: Network problems to: noc@estpak.ee
remarks: Peering requests to: peering@estpak.ee
remarks: IPv6 peering requests to: ipv6@estpak.ee
remarks: ----------------------------------------
admin-c: KK3254-RIPE
tech-c: RIX2-RIPE
tech-c: JT82-RIPE
tech-c: AK546-RIPE
nic-hdl: ET332-RIPE
notify: ripe@estpak.ee
mnt-by: ESTPAK-MNT
changed: klem@estpak.ee 20010726
changed: klem@estpak.ee 20010904
changed: klem@estpak.ee 20020110
changed: klem@estpak.ee 20030210
source: RIPE
Yet another reason to block that part of the world in the firewall:
iptables -A INPUT -s 213.219.122.0/24 -j DROP
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.