Re: Cracking attempt
On Mon, 24 Feb 2003, Russell Coker wrote:
> On Mon, 24 Feb 2003 10:59, Tim Spriggs wrote:
> > > That's the only thing to do, if someone is excessively scanning you then
> > > you block their IP addresses for a while. Of course you can't be too
> > > trigger happy with this or you'll end up with half the Internet in your
> > > firewall rule set...
> >
> > In the defense of the ballistic person that is complaining about the
> > portscan, one of our servers is running a backup server that dies with no
> > error/warning when the server is portscanned. Unfortunately, our servers
> > can not be put behind a firewall as funding is at an all time low.
>
> !?!?!?
>
> Firstly having a backup server on a public IP address is just asking for
> trouble.
Yes, I know.
>
> What OS are you using? Presumably if it was Linux you would have solved the
> problem with iptables or ipchains long ago...
Solaris 9 :( It does have some firewalling software but caused some major
conflicts at one point with no config and honestly, I and one other person
are pushing to get a firewall and seperation of tasks on different
machines. The way this thing sits right now I'd be un-surprised if someone
with an hour of spare time and a little talent could get in and fuck a
_LOT_ up.
>
> BTW As a rule of thumb, if you can crash it then you can probably exploit it,
> I hope that server isn't running as root.
I realize that too. Unfortunately, Universities (at least around here)
tend to be VERY political and getting something like linux as a main
college server in place would be "making waves" with the type of people
that run the money upstairs. Like I said, I'm pushing it. Debian has been
an all-time favorite of mine since I left redhat at version 5.2/5.0
several years back. I'd love to put Linux on the machine and call it a
day. For one, things compile MUCH easier.
> > This is a very inconvenient feature and the company that provides the
> > backup server will do nothing about it so we have to manually restart the
> > deamon from time to time because we were (innocently) portscanned.
>
> That sucks. Napster clients used to do the same, but you couldn't complain
> too much about free software that is used for unauthorised audio copying. ;)
Yeah, but you can sure as hell complain about backup software that you BUY
and then don't recieve technical support in any way without paying more
and having a setup that barely works as it is.
~cough~ Veritas ~clears throught~ sorry... Just a little built up...
The hardware is kinda fun though... Sun v880 with 4GB's of ram and 6 36GB
Fiber Channel drives.
<shout out>
On of the drives is dedicated to mirrors by the way. We have a
debian/cpan/xfree86/sunfreeware mirror setup on the box for anyone that's
in/around/close to Arizona.
</shout out>
-Tim
< PRE >
##--##--##--##--##--##--##--##--##--##--##--##--##
| T I M S P R I G G S |
| Assistant Sysadmin - Development |
| College of Engineering and Mines |
| ECE206A - (520) 621-3185 |
##--##--##--##--##--##--##--##--##--##--##--##--##
</PRE >
Reply to: