Security Incidents mailing list archives
Re: Cracked by the Brazilians
From: mrseth () PHYSICS GMU EDU (Seth Milder)
Date: Fri, 31 Mar 2000 01:19:00 -0500
Robert Graham wrote:
Message begins: "My Server runs Bind-8.2" Message queries: "How did they get in?" Answer: http://www.securityfocus.com/bid/788.html
I swore that I had updated BIND on all my machines. I did...except for that one.
It is also extremely dangerous to expose PostgreSQL, NFS, and NIS to the Internet. You should probably reconsider that.
Is there any better alternatives to NFS? What about keeping a restrictive securenets file for NIS? Is NIS so bad that there is nothing that can be done with it? I also need to run some sort of database. The postgres account was locked. I did not think that was an issue. I was only using it through Java servlets via the JDBC driver. Sorry if I am clueless, but I am no CS guy and the only reason I am an admin is because I am the least worst person in the department for the job as they cannot afford a real one. I would like to thank everyone for their comments and any clues that they can impart to me are always welcome. Thanks again, Seth P.S. If I disable all the IPMASQ modules except for ftp, does this buy me anything security-wise?
Current thread:
- Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service)probeactivity, (continued)
- Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service)probeactivity Bill Pennington (Mar 29)
- Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Pavel Kankovsky (Mar 29)
- Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Joshua Krage (Mar 29)
- Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Greg A. Woods (Mar 29)
- Re: 169.254.x.x Robert Graham (Mar 29)
- Re: 169.254.x.x Pavel Kankovsky (Mar 30)
- Cracked by the Brazilians Seth Milder (Mar 30)
- Re: Cracked by the Brazilians Michael Damm (Mar 30)
- Re: Cracked by the Brazilians Seth Milder (Mar 30)
- Re: Cracked by the Brazilians Robert Graham (Mar 30)
- Re: Cracked by the Brazilians Seth Milder (Mar 30)
- Re: Cracked by the Brazilians Michael H. Warfield (Mar 30)
- Re: Cracked by the Brazilians Omachonu Ogali (Mar 30)
- Re: Cracked by the Brazilians Blaise St-Laurent (Mar 30)
- Re: Cracked by the Brazilians Ralf Spenneberg (Mar 30)
- Re: Cracked by the Brazilians Seth Milder (Mar 30)
- link-local IPs (Was "Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity)") Richard Johnson (Mar 30)
- unapproved queries for "aol.com" Francis A. Vidal (Mar 26)
- Linux-box hacked, ls, ps, login modified Frank Derichsweiler (Mar 22)
- Re: Linux-box hacked, ls, ps, login modified Rick Tait (Mar 22)
- Re: Linux-box hacked, ls, ps, login modified Granquist, Lamont (Mar 24)