[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Cracking attempt

On Mon, 24 Feb 2003, Russell Coker wrote:

> On Mon, 24 Feb 2003 10:59, Tim Spriggs wrote:
> > > That's the only thing to do, if someone is excessively scanning you then
> > > you block their IP addresses for a while.  Of course you can't be too
> > > trigger happy with this or you'll end up with half the Internet in your
> > > firewall rule set...
> >
> > In the defense of the ballistic person that is complaining about the
> > portscan, one of our servers is running a backup server that dies with no
> > error/warning when the server is portscanned. Unfortunately, our servers
> > can not be put behind a firewall as funding is at an all time low.
> !?!?!?
> Firstly having a backup server on a public IP address is just asking for
> trouble.

Yes, I know.

> What OS are you using?  Presumably if it was Linux you would have solved the
> problem with iptables or ipchains long ago...

Solaris 9 :( It does have some firewalling software but caused some major
conflicts at one point with no config and honestly, I and one other person
are pushing to get a firewall and seperation of tasks on different
machines. The way this thing sits right now I'd be un-surprised if someone
with an hour of spare time and a little talent could get in and fuck a
_LOT_ up.

> BTW  As a rule of thumb, if you can crash it then you can probably exploit it,
> I hope that server isn't running as root.

I realize that too. Unfortunately, Universities (at least around here)
tend to be VERY political and getting something like linux as a main
college server in place would be "making waves" with the type of people
that run the money upstairs. Like I said, I'm pushing it. Debian has been
an all-time favorite of mine since I left redhat at version 5.2/5.0
several years back. I'd love to put Linux on the machine and call it a
day. For one, things compile MUCH easier.

> > This is a very inconvenient feature and the company that provides the
> > backup server will do nothing about it so we have to manually restart the
> > deamon from time to time because we were (innocently) portscanned.
> That sucks.  Napster clients used to do the same, but you couldn't complain
> too much about free software that is used for unauthorised audio copying.  ;)

Yeah, but you can sure as hell complain about backup software that you BUY
and then don't recieve technical support in any way without paying more
and having a setup that barely works as it is.

~cough~ Veritas ~clears throught~ sorry... Just a little built up...

The hardware is kinda fun though... Sun v880 with 4GB's of ram and 6 36GB
Fiber Channel drives.

<shout out>
On of the drives is dedicated to mirrors by the way. We have a
debian/cpan/xfree86/sunfreeware mirror setup on the box for anyone that's
in/around/close to Arizona.
</shout out>


                     < PRE >
|             T I M    S P R I G G S             |
|        Assistant Sysadmin - Development        |
|        College of Engineering and Mines        |
|            ECE206A - (520) 621-3185            |
                     </PRE >

Reply to: