Firewall Wizards mailing list archives

Re: Hacked


From: "Bluefish [@ home]" <11a () gmx net>
Date: Tue, 28 Feb 1995 10:38:28 +0100 (CET)

So I mount the drive and find a message in my root directory:

hehe.idiot.fix.your.imap.and.feel.glad.i.didnt.rm-rf.everything

imap, huh?  I knew I was running lots of services - it was a hacker's dream,
most likely.  But this was at home, and it was quite sloppy.  But it did its
purpose - my LAN *seems* okay - no evidence of any tampering, though it was
quite possible - again, from sloppiness.  Anyway, I have a real,
honest-to-goodness hacked drive over here - something live to study and
learn from.

I advise the following for home LANs:
 if dynamic ip:
  allow everything from local network
  block incoming to all services your machine is running
 if static ip:
  same as dynamic, except that you may want to have ftp or web open.
  if so, you'll have to be patching those when a new exploit arises,
  and check that config files are correct.

I'm no security wizard, but my opinion is to trust as little as
possible. And in home LANs, you can usually trust the local users to
access unsecured services. To trust local users on a company network is
another matter.

[icq.im.away] 611251
[email.ilove] ealliance$hotmail.com || 11a$gmx.net 
[web.we.rock] http://194.236.13.242/11a/index.html
[web.we.rock] http://home.swipnet.se/~w-12702/11A/
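
An added example, not part of the original post: a Python sketch that maps a machine's listening TCP sockets onto the policy described above, showing which services the firewall has to block from outside. The sample `ss -tlnH` lines, the LAN range 192.168.1.0/24 and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the column layout of `ss -tlnH` (not from the post).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:143 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 192.168.1.10:445 0.0.0.0:*
LISTEN 0 128 [::]:21 [::]:*
"""

def parse_listeners(ss_text):
    """Yield (address, port) for each LISTEN line."""
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        # Drop an interface suffix (%eth0) and IPv6 brackets.
        yield addr.split("%")[0].strip("[]"), int(port)

def classify(addr, port, lan, public_ports):
    """Map one listener onto the policy in the post."""
    if addr not in ("*", "0.0.0.0", "::"):   # bound to one address
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback:
            return "local-only"
        if ip in lan:
            return "lan-only"
    # Wildcard or non-LAN binding: reachable from outside unless filtered.
    return "public-intended" if port in public_ports else "block-from-outside"

def audit(ss_text, lan_cidr, public_ports=()):
    """Return sorted (port, address, verdict) tuples.

    public_ports is empty for the dynamic-IP case; for the static-IP case it
    lists the services deliberately left open (and kept patched).
    """
    lan = ipaddress.ip_network(lan_cidr)
    allowed = set(public_ports)
    return sorted((port, addr, classify(addr, port, lan, allowed))
                  for addr, port in parse_listeners(ss_text))

if __name__ == "__main__":
    # Assumed LAN range; web (80) is the one intentionally public service.
    for port, addr, verdict in audit(SAMPLE_SS, "192.168.1.0/24", [80]):
        print(f"{port:>5}  {addr:<15} {verdict}")
```

Every listener reported as block-from-outside needs an inbound drop rule on the external interface, or should be rebound to the LAN or loopback address.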




