PLUG site incident last night
Edward Norton
r00t3d at gmail.com
Mon Jan 1 17:58:04 MST 2007
On 1/1/07, Jim <arizona.anorak at gmail.com> wrote:
>
> Edward Norton wrote:
> > PLUG cracked AGAIN? Not surprising considering you guys wont consider
> > anything other than a badly coded PHP CMS.
>
> Ed,
>
> Apparently you know more about securing a site than the people who run
> it. At least that's what your message implies. I have an idea. When
> it's time for the next PLUG meeting, come out of the sewer, show up at
> the meeting and offer to help secure the site.
>
> Jim,
As a matter of fact, yes, I do know more about securing websites than the
people running PLUG, so it seems.
>I have an idea. When
>it's time for the next PLUG meeting, come out of the sewer, show up at
>the meeting and offer to help secure the site.
Hey asshole, you don't even know me. Don't get a fucking attitude. As it
happens, I HAVE BEEN TO THE
MEETINGS, and I HAVE brought up site security. Infact, I've brought it
up in the IRC channel as well,
so before you start being a little prick, know who you're talking to.
Anyways, you wan't some ideas? Ok. How about to start: get the hell away
from shared hosting. Second, invest in "hardened-php," third, look into
GRSecurity and RBAC. Fourth, strip apache down to only the needed modules.
Fifth, don't use shitty CMS's.
Hey Jim, you happy now asshole?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20070101/e5671e4a/attachment-0001.htm
More information about the PLUG-discuss
mailing list