Re: [tlug] hello from a new / old member

["Stephen J. Turnbull" <stephen@example.com>]

>>>>> "Scott" == Scott VanDusen <Scott_VanDusen@example.com> writes:

    Scott> I was living in Sendai and got help connecting my linux box
    Scott> to my cable modem- remember when doing something like that
    Scott> in Linux was difficult?

Still is; there's an on-going thread on the matter!

    Scott> Also, a server at home got hacked the other day (apache
    Scott> remote php inclusion hack I think),

Interesting ... I was just about to post asking if anybody had seen
this.  A box that serves some documentation internally suddenly
started seeing huge logs despite a "go away" robots.txt, all of the
404 accesses being .php scripts.  Of course, I don't do PHP at all
....  (I considered it an attractive nuisance, on the order of
connecting a Windows box to the 'net.  Looks like I was right! ;-)

Mostly I just don't run servers, and firewall most of those that I do
run, except sshd and httpd.  (The U MXes for me so I don't need a
'net-facing MX.)  I got sick of the ssh password crackers, so now only
my home IP (which is dynamic but only changes with the phases of the
moon, if that often) is allowed in.  I still see them banging on the
door in the TCP logs, of course.

    Scott> If anyone is interested I've done some forensic analysis of
    Scott> the break-in and can send you the details..

Yes, please.


-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
               Ask not how you can "do" free software business;
              ask what your business can "do for" free software.