On 7/5/06, Alexander Skwar <listen@×××××××××××××××.name> wrote:
> Lord Sauron wrote:
> > Sorry to be a bit elementary, but if you're not colocating your box,
> > and you don't often use SSH, you might want to consider disabling
> > remote administrative things.
>
> Of course - disable everything, that you don't need. ESPECIALLY, if it
> is reachable over the network.
>
> > All your Windoze "friend" will try to do is exploit MySQL to pop a DOS
> > shell into your system.
>
> How do you know?
|
I read a hacker article. It was terribly interesting, but nothing I'd
actually want to do. I don't think hacking is a worthwhile use of my
time, however, since I do aspire to host my own server and website, I
decided it would be good to bone up on attack methods a little bit.
|
> > If you can't disable SSH for some reason, then limit MySQL access to
> > localhost only.
>
> I'd even suggest to make MySQL "skip-networking". If that's set
> in my.cnf, MySQL won't be available via TCP over a network and
> can only be reached over a Unix socket. Maybe that's what you
> meant, but I just felt like adding that :)
|
I'm no pro, but that works. I don't have a lot of experience, so I
oftentimes just end up speculating on a bunch of educated guesses.
|
> > If you can, what I'd do is try and get the guy's MAC Address or
> > something and then totally block that off.
>
> How should *THAT* help? In 99.9999999999999999999999999999999% of
> the times, the attacker won't be on the same subnet, and thus the
> MAC isn't available.
|
Couldn't hurt. You never know what you'll find when you tear apart
some networking packets. I was so alarmed at what I found that I quit
doing it altogether. Ignorance is bliss, I decided. No, I won't say
what I found for reasons of protecting the egos of innocent people.
|
> You can try to block me, my MAC will be either 00:12:17:D4:21:D4
> or 00:12:17:D4:21:D2. Just tell me, where you blocked me using
> my MAC and I'll see if I can still access.
|
I'll try it someday when I can figure out enough about linux
networking to do something like that.
|
--
========== GCv3.12 ==========
GCS d-(++) s+: a? C++ UL+>++++ P+
L++ E--- W+(+++) N++ o? K? w--- O? M+
V? PS- PE+ Y-(--) PGP- t+++ 5? X R tv-- b+
DI+++ D+ G e* h- !r !y
========= END GCv3.12 ========
--
gentoo-user@g.o mailing list
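
The two MySQL hardening options discussed in this thread (localhost-only access and "skip-networking" in my.cnf), as an added example that is not part of the original messages: a small checker that reads the [mysqld] section of an option file and reports how the server is reachable. The sample file contents and the function names are constructed for illustration; `bind-address` is assumed here as the option used for "localhost only", since the thread does not name it.

```python
import re

# Constructed sample my.cnf contents (not taken from the thread).
EXPOSED = """\
[client]
port = 3306
[mysqld]
bind-address = 0.0.0.0
"""
LOCALHOST_ONLY = "[mysqld]\nbind-address = 127.0.0.1\n"
SOCKET_ONLY = "[mysqld]\nskip_networking\nsocket = /var/run/mysqld/mysqld.sock\n"

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
OFF = {"0", "off", "false"}

def mysqld_options(text):
    """Return the [mysqld] options as a dict; bare flags map to None.
    MySQL treats '-' and '_' in option names alike, so names are normalised."""
    opts, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip().lower()
            continue
        if section != "mysqld":
            continue  # [client], [mysql] etc. do not affect the server
        key, sep, value = line.partition("=")
        opts[key.strip().lower().replace("_", "-")] = value.strip() if sep else None
    return opts

def exposure(text):
    """Classify mysqld reachability: 'socket-only', 'loopback' or 'network'."""
    opts = mysqld_options(text)
    flag = opts.get("skip-networking", "0") or "1"  # bare flag counts as on
    if flag.lower() not in OFF:
        return "socket-only"  # no TCP listener, Unix socket only
    # With no bind-address set, the upstream default is to listen on all interfaces.
    if opts.get("bind-address") in LOOPBACK:
        return "loopback"
    return "network"

if __name__ == "__main__":
    for name, cfg in [("exposed", EXPOSED), ("localhost", LOCALHOST_ONLY), ("socket", SOCKET_ONLY)]:
        print(name, "->", exposure(cfg))
```

A "network" result means the exposure then depends entirely on the firewall and on MySQL account host restrictions.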