[Techtalk] Server was broken into ... what good tools are there to probe vulnerabilities?
mikecarson at usa.net
Wed Nov 21 15:44:01 EST 2001
>It was actually kind of weird that the hackers got into the site and added
>html files to two sites without actually defacing either. Makes me think
>they didn't quite finish the job.
The real pros aren't after a defacement, most of the time, and
increasingly, neither are the script kiddies. They may be using you as
a launch point for attacks against another system, as a file repository,
as a place to run a chat or game server, as a launch point for DDoS
attacks, or even as one way to get more CPU time for SETI at Home.
>Of course, you're probably right, I should try to check everything.
>Unfortunately, this is a virtual server provided by a hosting company that
>is none too responsive when it comes to support calls. They haven't
>contacted me since I sent them an e-mail about this Sunday night. I may ask
>them to reset the system since it really is just configured as a Web server.
>Knowing them, they'll want to charge me a setup fee ... Ugh. I hate
>Infinology. Unfortunately they were the only hosting company I could find
>that I could host a DNS server and unlimited virtual domains at without
>having to pay >$100/month. If anyone knows of alternatives, I'd love to hear
My only suggestion would be to get a DSL line from Speakeasy.net or
some other provider that will allow you to run a server (business class
account?) and run it from home. It's educational, you are as responsive
to yourself as you desire for tech support, and it solves your home
broadband access issues, too.
IMHO, their response (or lack of same) is entirely unacceptable.
Unless, of course, they are feverishly working to contain a massive
break-in and aren't responding to related issues until they get a handle
on it. Unlikely, but possible.
More information about the Techtalk