paypal scam - tracing link

Waldher, Travis R Travis.R.Waldher at boeing.com
Mon Oct 30 15:56:36 UTC 2006


> -----Original Message-----
> From: mylar [mailto:micros50 at computer.net]
> Sent: Thursday, October 26, 2006 4:08 PM
> To: Getting started with Red Hat Linux
> Subject: RE: paypal scam - tracing link
> 
> Thanks, I'm gonna give this a try. I've been noticing ssh attempts
> increasing here lately. Time to kick 'em out.
> 
> mylah
> 

A few things:

1) Passwords: make sure they aren't crackable or guessable.

A good password is alphanumeric with different cases and at LEAST 8-10
characters but spells something to help you remember.  

A great password is 15+ characters long, alphanumeric with different
cases, if the OS supports it special ASCII characters, AND spells
nothing.  

For example:
"mypassword" is a bad password - easily cracked
"myp@s5w0rD" is a good/ok password - harder to crack but doable
"78D0fi3w4%^xeD1" is a great password - crackable but takes a LONG
time.

Next, change your passwords at LEAST every 90-180 days.  In the last
case, it's going to take more than 45-90 days to crack that password.
That's assuming they have supercomputers or clusters at their
fingertips.  So if you change them often enough, by the time they crack
(or guess) it, it's already changed.

2) SSH - force to run version 2. (Rick can you remember why?  My
caffeine hasn't kicked in yet)

3) Disable other access methods: rlogin, rexec, telnet, etc.  Tunnel all
X traffic over SSH.  Otherwise, all of those methods send
usernames/passwords in clear text.

4) If the machine has been hacked, take it off the network and
investigate what they could have accessed.  After that, hit the power
button, remove the hard disk.  First dunk it in liquid nitrogen, then
douse it in gasoline and light it on fire; followed by running it over
with a Mack truck, optionally shoot it a few times, finish it off by
sending it through a chipper.

Seriously, if the machine has been compromised, it is best to take it
down and reformat it several times; I prefer either a low-level or
overwriting with 1's and 0's (ok, I'm paranoid).  After this is done,
rebuild it.  Why? Without extensive work, you won't know for sure what
they put where.
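
A small audit of points 2 and 3 above, as an added example that is not part of the original post: it checks sshd_config text for a `Protocol` line restricted to version 2 and xinetd service files for enabled telnet/rlogin/rexec/rsh. The sample configs are constructed, and the xinetd file layout (one `service NAME { ... }` block per file, as under /etc/xinetd.d) is an assumption about the host.

```python
import re

# Cleartext services from point 3, keyed by their xinetd service names
# (rlogin is "login", rexec is "exec", rsh is "shell").
CLEARTEXT = {"telnet": "telnet", "login": "rlogin", "exec": "rexec", "shell": "rsh"}

def audit_sshd(config_text):
    """Return findings about the Protocol directive in sshd_config text."""
    protocol = None
    for line in config_text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        m = re.match(r"(?i)protocol\s+(\S+)", line)
        if m and protocol is None:                # first value obtained wins
            protocol = m.group(1)
    if protocol is None:
        return ["sshd: no Protocol line; version is left to the built-in default"]
    if set(protocol.split(",")) != {"2"}:
        return ["sshd: Protocol %s allows SSH version 1" % protocol]
    return []

def audit_xinetd(files):
    """files maps file name -> xinetd text; report enabled cleartext services."""
    findings = []
    for name, text in sorted(files.items()):
        for svc, body in re.findall(r"service\s+(\S+)\s*\{(.*?)\}", text, re.S):
            # A service is off only when it carries an uncommented "disable = yes".
            off = re.search(r"^\s*disable\s*=\s*yes\s*$", body, re.M | re.I)
            if svc in CLEARTEXT and not off:
                findings.append("%s: %s is enabled (cleartext login)"
                                % (name, CLEARTEXT[svc]))
    return findings

def audit(sshd_text, xinetd_files):
    return audit_sshd(sshd_text) + audit_xinetd(xinetd_files)

# Constructed sample input, not taken from any real host.
SAMPLE_SSHD = "# sample sshd_config\nPort 22\n#Protocol 2\nProtocol 2,1\n"
SAMPLE_XINETD = {
    "telnet": "service telnet\n{\n\tdisable = no\n\tserver = /usr/sbin/in.telnetd\n}\n",
    "rlogin": "service login\n{\n\tdisable = yes\n\tserver = /usr/sbin/in.rlogind\n}\n",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE_SSHD, SAMPLE_XINETD):
        print(finding)
```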




More information about the Redhat-install-list mailing list