lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <jbic6c$q4k$1@dough.gmane.org>
Date: Mon, 05 Dec 2011 13:07:38 +0100
From: Lucio Crusca <lucio@...web.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: one of my servers has been compromized

Ferenc Kovacs wrote:

> ps: "I neverbelieved it could happen to me until it actually happened:
> they compromizedone of my servers." this is a really bad attitude.

No, it's just common saying. I apply patches, change password regularly, 
move ssh to nonstandard ports, disable remote root access and do all the 
rest I've learnt about security in years of running linux servers, also if I 
couldn't believe they would hack my server. I only overlooked a piece of 
unknown-third-party php code. It's just experience that makes you stronger.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ