
Re: [K12OSN] I got hacked.........



On Tue, 9 Apr 2002, Max Pakhutkin wrote:

> To add to all the good advice given so far on this topic, the best 
> philosophy to assume with regard to security is
> 1) you will never be totally secure, sooner or later something will get 
> compromised. This is actually true, not just a belief.

This is great advice.

Don't shoot me for this, but let me update everyone where I stand.  This
machine is not critical in the sense that it contains sensitive or
confidential data.  It does not run any db services (i.e. mysql,
postgresql), it is the only Linux box I have *not* behind the firewall.

True, it is my email server and dns server.  It also is our web server,
however, it's not commerce or used for daily necessary items.  If forced
to, I can reload this server from scratch, probably quite easily.

However, since I am sure you know, if I force every teacher to change
their passwords and shut down the email server, I may end up with a lynch
mob after me.  I know...I know..... it's necessary, but I am going to
approach this without just dropping it on them.  In the meantime, I am
taking the opportunity to learn more about this attack.  How did they get
in?  What was my mistake?  How do I make it more secure? How do I better
prepare my detection methods (which I still think were pretty good, I
think this guy only broke in on Apr 8. That can be debated and
investigated if anyone is interested) and most important do I still
successfully/easily operate without being hampered by security. (don't want
to disconnect my box from the net just so no one will hack it).

-- 
Michael Cortes
Fort LeBoeuf School District
34 East 9th Street
PO Box 810
Waterford PA 16441-0810
814.796.4795






