Full Disclosure: Re: one of my servers has been compromized

Re: one of my servers has been compromized

From: Christophe Garault <letoff () gmail com>
Date: Mon, 05 Dec 2011 13:48:24 +0100

On 12/O5/2011 13:07, Lucio Crusca wrote :

Ferenc Kovacs wrote:
   
No, it's just common saying. I apply patches, change password regularly,
move ssh to nonstandard ports, disable remote root access and do all the
rest I've learnt about security in years of running linux servers, also if I
couldn't believe they would hack my server. I only overlooked a piece of
unknown-third-party php code. It's just experience that makes you stronger.

Having your /tmp partition with noexec,nosuid is also considered a good 
practice.

-- 
Toff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: one of my servers has been compromized, (continued)
- Re: one of my servers has been compromized Ferenc Kovacs (Dec 05)
  - Re: one of my servers has been compromized Lucio Crusca (Dec 05)
    - Re: one of my servers has been compromized Chris M (Dec 05)
    - Re: one of my servers has been compromized Christophe Garault (Dec 05)
    - Re: one of my servers has been compromized Paul Schmehl (Dec 05)
- Re: one of my servers has been compromized mitchell (Dec 05)
  - Re: one of my servers has been compromized Larry W. Cashdollar (Dec 06)
  - Re: one of my servers has been compromized Larry W. Cashdollar (Dec 06)
- Re: one of my servers has been compromized Tim (Dec 05)
  - Re: one of my servers has been compromized John Jacobs (Dec 05)
    - Re: one of my servers has been compromized James Condron (Dec 05)
    - Re: one of my servers has been compromized John Jacobs (Dec 05)
    - Re: one of my servers has been compromized Lucio Crusca (Dec 05)
    - Re: one of my servers has been compromized Tim (Dec 05)
(Thread continues...)