RE: Re: [OT] - HELP PLEASE we've been hacked.
- Subject: RE: Re: [OT] - HELP PLEASE we've been hacked.
- From: "Keith Doxey" <ukha@xxxxxxxxxxx>
- Date: Wed, 14 Apr 2004 21:02:27 +0100
Hi Dean

Just had an idea.... might be wacky... might be good.

Instead of the outward facing servers being in a DMZ, put them in a "TDZ" - Totally different zone !!!

Assuming you are just using a broadband connection for the internet, what about the possibility of a second DSL line.

The existing line can be used for the office and secured through a totally closed (to incoming obviously!) firewall.

The new second line could be used exclusively for the public facing servers, again firewalled with only the required ports open thus minimising ways in BUT even if there is a security breach, only the external servers would be affected as they would have no direct connection to your office LAN. In fact, for your office machines to access them you would have to leave the safety of your office, go via the WWW and back in on the other line.

The external servers could be rebuilt from scratch and Ghosted so that a rebuild was quick and easy if they did get hit.

.... then again I could be talking total b*ll*cks !

Keith

> -----Original Message-----
> From: Dean Barrett [mailto:dean@xxxxxxx]
> Sent: 14 April 2004 20:26
> To: ukha_d@xxxxxxx
> Subject: RE: [ukha_d] Re: [OT] - HELP PLEASE we've been hacked.
>
>
> Ian - you are correct, it's not a home system, it is the PC we use for
> Geovision and Cbus demos on the rolec.net website.
>
> I suppose my problem is that everything I've ever done web wise before has
> always been on hosted sites where it is someone else's problem to worry about
> intrusions. This server is the first I have ever opened to the public, and
> must admit I now wonder to its virtue...
>
> Visitors to our site had been very complimentary of the demos we had
> running, and has been a useful sales tool, but I now wonder if it's worth it.
> I fear the cost of proper support may outweigh the possible revenues
> generated...
>
> Bit of a sh*t all in all.
>
>
>
> Dean.
>
>
> -----Original Message-----
> From: Ian Lowe [mailto:ian@xxxxxxx]
> Sent: 14 April 2004 19:28
> To: ukha_d@xxxxxxx
> Subject: RE: [ukha_d] Re: [OT] - HELP PLEASE we've been hacked.
>
> Hmmm, actually, it might be me with the wrong end of the stick.. I thought
> this was the rolec.net company webserver, rather than just Dean's home
> system...
>
> In which case, as you say, it's overkill - I'm not suggesting home users
> rush out and employ a Firewall-1 expert ;)
>
> Ian
>
> -----Original Message-----
> From: Ali Watkins [mailto:ukha@xxxxxxx]
> Sent: 14 April 2004 19:11
> To: ukha_d@xxxxxxx
> Subject: FW: [ukha_d] Re: [OT] - HELP PLEASE we've been hacked.
>
> Ian,
>
> Sorry.. maybe I misunderstood? I understand that proper services should
> come at a proper price, I am a great believer in the old "you get what you
> pay for" adage. But when it comes to securing a Windows box on the end of a
> private DSL line hosting pages just for yourself I think a DIY job does
> fine.... unless there is something mission critical on the box... which
> there shouldn't be!
>
> Maybe I misunderstood the original idea?
>
>
>
> Ali
>
>
>
>
> > -----Original Message-----
> > From: Ian Lowe [mailto:ian@xxxxxxx]
> > Sent: 14 April 2004 17:10
> > To: ukha_d@xxxxxxx
> > Subject: RE: [ukha_d] Re: [OT] - HELP PLEASE we've been hacked.
> >
> > >-----Original Message-----
> > >From: Alistair Watkins [mailto:ukha@xxxxxxx]
> >
> > >I don't think you *have* to spend cash to make yourself more secure,
> > >there are plenty of *free* (as in speech, not lunch) tools about that will
> > >run on Windows and help you... there is also plenty to read online too.
> >
> > I disagree...
> >
> > IT Done cheap is IT Done bad. always, and never more so than with
> > security.
> >
> > There's a distinct difference between paying way over the odds for a
> > consultant to sit there and oooh and aaaah whilst the meter runs, and
> > employing a company with a good background in security to have a check
> > over your systems. Seriously - it's money well spent.
> >
> > It's a malady of British Industry, I fear - people don't want to spend
> > the money, and IT systems seem to be okay until the problems are
> > forcibly brought home - whether it's a security breach, data loss
> > through having no reliable backups, whatever.
> >
> > I'd take this as a narrow escape - you (seem to have) got away with only
> > having the web server compromised, do the right thing, get someone local
> > that you can get references for, with the appropriate certifications
> > from people like checkpoint, and get your systems checked out.
> >
> > Advice from a list like this simply cannot compare to building a
> > relationship with an IT supplier you can trust and getting some expert
> > backup.
> >
> > Ian.
> >
> >
> >
> > UK Home Automation Meet 2004 - BOOK NOW!
> > http://www.ukha2004.com
> >
> > http://www.automatedhome.co.uk
> >
> > Member Offers - http://www.freeranger.co.uk/ukha