PLUG site incident last night

Miles Beck milesbeck at gmail.com
Mon Jan 1 18:02:37 MST 2007


You may know something of security...but you need to learn some people
skills. Welcome to my new filter Edward.

On 1/1/07, Edward Norton <r00t3d at gmail.com> wrote:
>
>
> On 1/1/07, Jim <arizona.anorak at gmail.com> wrote:
> > Edward Norton wrote:
> > > PLUG cracked AGAIN? Not surprising considering you guys wont consider
> > > anything other than a badly coded PHP CMS.
> >
> > Ed,
> >
> > Apparently you know more about securing a site than the people who run
> > it.  At least that's what your message implies.  I have an idea.  When
> > it's time for the next PLUG meeting, come out of the sewer, show up at
> > the meeting and offer to help secure the site.
> >
> >
>  Jim,
>
> As a matter of fact, yes, I do know more about securing websites than the
> people running PLUG, so it seems.
>
> >I have an idea.  When
> >it's time for the next PLUG meeting, come out of the sewer, show up at
> >the meeting and offer to help secure the site.
>
> Hey asshole, you don't even know me. Don't get a fucking attitude. As it
> happens, I HAVE BEEN TO THE MEETINGS, and I HAVE brought up
> site security. Infact, I've brought it up in the
> IRC channel as well,
> so before you start being a little prick, know who you're talking to.
>
> Anyways, you wan't some ideas? Ok. How about to start: get the hell away
> from shared hosting. Second, invest in "hardened-php," third, look into
> GRSecurity and RBAC. Fourth, strip apache down to only the needed modules.
> Fifth, don't use shitty CMS's.
>
> Hey Jim, you happy now asshole?


More information about the PLUG-discuss mailing list