[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

HELP: Got in security trouble.


If you know good documentation/Web pages about Security of Debian system and 
especially Web server, and how to set them right on Debian Box, please send me 
a note.  Below is yet another story of hacker attack, which you may just 
ignore.  Sorry if it is not exactly Debian issue.

Thank you,

--------------  ONE MORE STORY ABOUT HACKERS ATTACK --------------------------

Well it may be true that there really is a hacker contest these days.  Here is 
the story: couple of days ago hacker broke into our SGI system, managed to get 
root password but was noticed very quickly (like 20 minutes). Did not do any 
harm to our knowledge.  We are academic institution, and there is really not 
much of interest.

Our system administrator was swearting for 3 day to figure out that he/she 
broke through WWW server using security hole in CGI module to steal vital file 
which they used to break in. It turned out that it was me who convince A to 
install this CGI module, which apparently I did not compile with all security 
knobs turned on in my laziness.  Well the module is erased and good chunk of 
my pages that I was so proud of are gone.  Right now System administrator is 
extremely concerned and I have very little chances to convince him to put my 
pages back.  So perhaps I'll put them on my Debian box, but now (welcome to 
hell) I need to manage WWW security there.

1. Is Apache WWW server considered reasonably secure?
2. I used CGI module for WWW interface to MySQL database, any recommendations 
for good-free-secure one?
3. We know when the hacker tried to login, and from where, (from AOL for 
example) Are there any friendly communities on the Web to contact to try to 
chase him down? (But I'm not sure it's worth the effort). Any thoughts about 
what bad things this hacker could possibly leave and we need to remove?

Thanks again,

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: