The UK Home Automation Archive

Archive Home

Group Home

Search Archive
Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Protect and survive

To: ukha_d@xxxxxxx
Subject: Re: Protect and survive
From: Nigel Orr <Nigel.Orr@xxxxxxx>
Date: Fri, 11 Aug 2000 09:09:49 +0100
Delivered-to: rich@xxxxxxx
Delivered-to: mailing list ukha_d@xxxxxxx
Mailing-list: list ukha_d@xxxxxxx; contact ukha_d-owner@xxxxxxx
References: <11517AB64EFED3119DF1002018B9AC2704DDC4@xxxxxxx>
Reply-to: ukha_d@xxxxxxx

At 09:52 11/08/00 +0200, you wrote:
>2. We all know that there are wan***s out there who take great pleasure
in
>hacking websites, mailservers etc so what are people doing to protect
>themselves.

And I'm not allowed to mention the 'L' word?  hmmm...

I can speak for one 'L' server which I administer at work.  It's been up
for about 6 weeks or so, the address has never been publicly released
(except for one mention on here, but that didn't change things much!).  At
least once a week, someone tries to hack it, in a variety of ways.  After
one attempt came a bit too close for success, I've made some changes so I
get more of a picture of what's going on, which is how I know how regularly
attempts are made.

If it hadn't been 'product L', I'd probably still be blissfully unaware
that some little toerag had managed to get anywhere.  Fortunately 'product
L's designers are a very 'open' lot, so, unlike some other well known
systems, when an exploit is discovered, they're brave enough to admit it,
and sometimes release a patch within hours.  The only reason this machine
was vulnerable was that we'd just installed it, from a CD a few months old,
and not got round to updating it.

Having seen the amount of activity on this one, low profile, system, I
honestly wouldn't even think of running Windows on a machine with 24/7
connectivity, where even I can think of half a dozen things to try to get
past it... you're just too isolated from the system to see what is really
happening.

>one more thing, please don't suggest I install Linux - please.

OK.

>machines, or are you using one machine for the lot... (I just know
someone
>is going to mention Linux here ;-)   ).

Mmmf mmmf mmmfffmm mnmfffnux.  :-)

There are a variety of security sites around, http://www.cert.org will give
you an idea of the sort of exploits that are going on (on all OS's!), and
pointers to other places.

Nigel

--------------------------------------------------------------------<e-
Get a NextCard Visa, in 30 seconds! Apply NOW!
1. Fill in the brief application
2. Receive approval decision within 30 seconds
3. Get rates as low as 0.0% Intro APR and no annual fee!
http://click.egroups.com/1/7874/9/_/2065/_/965981429/
--------------------------------------------------------------------e>-

References:
- RE: More LD10/11 Questions
  - From: REB.Barnett@xxxxxxx

Prev by Date: Re: Protect and survive
Next by Date: RE: Protect and survive
Previous by thread: Re: Protect and survive
Next by thread: RE: More LD10/11 Questions
Index(es):
- Date
- Thread

Home | Main Index | Thread Index

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.