RE: Got hacked?

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M\MBryan O'Neal at <-
MMCraig White at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Bryan O'Neal
Date:  
To: Main PLUG discussion list
Subject: RE: Got hacked?
My next question is, I think I have my stuff fairly well locked down,
but how do I know? I think I have a nice crunchy outer coating, with a
few sweet pieces of usability. It is not as hard as say, unplugging the
computer and tossing it in a locked room, but still hard enough I think.
My internal network is pretty standard, different antivirus/antispyware
apps running on different machines, firewalls all turned on, etc. So my
question is, any burgeoning network security wiz's out their want to put
up the public service of checking a few of our systems out and telling
us what we need to fix? After all I am an accountant, what do I know of
network security?

-----Original Message-----
From:
[mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Jim
Sent: Friday, February 23, 2007 1:49 PM
To: Main PLUG discussion list
Subject: Re: Got hacked?

Carlos Macedo Gomes wrote:

SNIP

> Let me know if I can help out.

Thanks to you and everyone else for the advice. I was curious as to
what the hacker had done, but ended up reinstalling. Overnight I used
my windows box to download the dvd iso file for Slackware 11.0 and used
it to nuke the old installation. Once that was done I took the config
files from the old installation I had backed up and restored them.

Jon Hanson said:

> If you have a home network, consider plugging your DSL modem directly
> into one PC and using that as a firewall machine. Yes, you can also
use
> it as a desktop if you need.

My DSL modem does NAT and port forwarding. I removed port forwarding
for port 22.

> Is there a compelling reason you need password authentication for ssh?
> It's very easy to generate public keys and use those. You can even
keep
> one on a thumb drive to use if you have to. Then turn OFF password
> authentication (PasswordAuthentication no) in your sshd_config.

I tried to get this working on my windows box, but haven't been able to
yet. I changed sshd_config so that sshd listens only on the IP address
of the nic that's connected only to the windows box.

Hopefully this will make things a bit more difficult for them.
--


"That income tax you know it's nothing more than legal robbery"
Sidney "Pa" Larkin
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-RE: Got hacked?RE: Got hacked?->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)