Displaying 20 results from an estimated 10000 matches similar to: "What to do when you've been hacked?"
2016 Jan 26
1
What to do when you've been hacked?
On Monday, January 25, 2016 11:56:19 AM Warren Young wrote:
> On Jan 25, 2016, at 11:04 AM, Benjamin Smith <lists at benjamindsmith.com>
wrote:
> > We have a prospective client who is asking us what our policy is in the
> > event of unauthorized access.
>
> Tell them you use the Mr. Miyagi defense: ?Don?t get hit.?
>
> Your prospective client sounds like they?re
2016 Jan 25
0
What to do when you've been hacked?
On Jan 25, 2016, at 11:04 AM, Benjamin Smith <lists at benjamindsmith.com> wrote:
>
> We have a prospective client who is asking us what our policy is in the event
> of unauthorized access.
Tell them you use the Mr. Miyagi defense: ?Don?t get hit.?
Your prospective client sounds like they?re expecting someone to have established procedures to deal with breaches. You know who
2011 Oct 15
4
Thoughts regarding the database compromise....
1] not using secure http for log-ins seems a bit 20th century.
2] to join this mailing list, I needed to send my new credentials over unsecured http - see 1] above.
3] to change password from the compromised reset password, I need to use unsecured http - see 1] above.
My point here is that if you are saddened, upset or concerned about the compromise, might the 3 above points also be on the list
2016 Jan 26
0
What to do when you've been hacked?
On Mon, January 25, 2016 19:12, Benjamin Smith wrote:
>
> Which I'd consider "best practices" and we do them.
> They are specifically asking about what to do *after* a
> breach. Despite all the best practices in
> place, there's *still* some risk.
>
If someone wants in to your network then they will get in. There is
no point in deluding yourself or your
2009 Mar 31
4
Tax Preparation with WINE
As approximately 130 million other US citizens, I am dutifully preparing for the April deadline for filing my income tax returns. Reviewing the WINE AppDB for installable tax software to help out in the process, it appeared that 2nd Story Software's TAX ACT was most likely to work with the WINE version (1.1.17) installed on my Mandriva-equipped HP laptop. As it turned out, TAX ACT was able
2012 Jan 01
11
an actual hacked machine, in a preserved state
(Sorry, third time -- last one, promise, just giving it a subject line!)
OK, a second machine hosted at the same hosting company has also apparently
been hacked. Since 2 of out of 3 machines hosted at that company have now
been hacked, but this hasn't happened to any of the other 37 dedicated
servers that I've got hosted at other hosting companies (also CentOS, same
version or almost),
2011 Oct 12
2
about the database hack
Hi,
Just wanted to know if this also applies to the codeweavers website or only
wineHQ was affected? Being wine a hosted codeweavers project it leads me to
think the hackers may have compromised some of that info too.
thanks for the honesty on the announcement and hope you can get everything
sorted out :D
--
X1R1
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2013 May 24
5
Utility to scan for unpassworded SSH privkeys?
Hey all,
Let's make an assumption:
1) I am a root user on a system.
2) I don't want said system being used as a jumping-off point if either a
user account or the root account is compromised.
Given an unencrypted private key, plus a known_hosts file, plus
bash_history, it's a pretty easy avenue of attack once you're in the front
door. And it's happened before*.
Thus,
2015 Feb 06
2
anthem details
Hello Everyone,
Does anyone have any more detail about what kind of system Anthem / Blue
Cross was running and what kind of attack broke into their system?
It's terrible that it happened, but I think it would benefit all Admins
everywhere to learn how it happened so that we can secure our systems
from a similar breach of information.
Anyone know?
Chris
2017 Nov 06
1
How to detect botnet user on the server ?
Another alternative is to use a FIMS/HIDS such as Aide (Advanced Intrusion Detection Environment), OSSEC or Samhain. Be prepared to learn a lot about what your OS normally does behind the scenes (and thus a fair amount of initial fine tuning to exclude those things). Aide seems to work well (I've seen only one odd result) and is quite granular. However, it is local system based rather than
2020 Apr 22
6
Recommendations on intrusion prevention/detection?
Dear all,
what are the key strategies for intrusion prevention and detection with
dovecot, apart from installing fail2ban?
It is a pity that the IMAP protocol does not support 2 factor
authentication, which seems to stop 90% of intrusion attempts in their
tracks. Without it, if someone has obtained your password and reads your
mail without modifying it, you will hardly ever notice.
Is there a
2003 Dec 12
3
SIPURA Breaches Contract
Hi list,
Well I really didn't want to see things get to this point,
but Sherman at Sipura along with their President Jan F.
leave me no other choice.
SIPURA has been provided a letter from our attorney for
Breach of Contract and damages. They have yet to respond.
A quick background.
1. Sherman (SIPURA's Director of Marketing), stated that
we would do a join press release for the Oct
2006 Dec 01
4
I've been hacked -- what should I do next?
My home system has been hacked. It's running CentOS 4.4, and I
recently added an account to play around with Samba shares to back up
PCs here at home. I had set a weak password for that account and
forgot to disable it after my testing. I could hear the disk being
accessed constantly, so I knew something was up. I disabled the port
forwarding to my CentOS box on my Linksys router
2011 Oct 11
18
WineHQ database compromise
Hi,
I am sad to say that there was a compromise of the WineHQ database system.
What we know at this point that someone was able to obtain unauthorized
access to the phpmyadmin utility. We do not exactly how they obtained
access; it was either by compromising an admins credentials, or by
exploiting an unpatched vulnerability in phpmyadmin.
We had reluctantly provided access to phpmyadmin to the
2008 Feb 01
7
General questions about security
Hi,
I admit I never gave security that much thought, that is, except the
most basic security rules like choosing good passwords, or reasonable
file and directory permissions. But now I have to change that, since
I'll soon have to setup a dedicated production server for our public
libraries.
I wonder where to begin. I would say first thing is get a series of
"auditing" tools
2008 Aug 22
2
RH's servers breached
What's the point on this for us, CentOS users ?
http://www.redhat.com/security/data/openssh-blacklist.html
Regards,
kfx
2020 Oct 04
4
UpdateHostkeys now enabled by default
On Sun, 4 Oct 2020, Christoph Anton Mitterer wrote:
> On Sat, 2020-10-03 at 19:44 +1000, Damien Miller wrote:
> > Otherwise, feel free to ask me anything.
>
> Was it ever considered that the feature itself could be problematic,
> security-wise?
Of course we considered this.
> I see at least two candidates:
> - It's IMO generally a bad idea to distribute
2002 Feb 13
1
rsync over ssh and passwords
Hello everyone,
I am trying to write a wrapper around rsync to do some automated file
sync-ing between two servers. I am using ssh as the tranport. How can I
avoid the password prompt for ssh?
I think I can configure ssh to not require passwords, but this would expose
the obvious security risk.What are other users doing to get by this? Is
there some tricks I can do in scripting that would allow
2015 Dec 13
2
CentOS and typical usage
On 12/13/2015 12:45 PM, Valeri Galtsev wrote:
> On Sun, December 13, 2015 11:36 am, Alice Wonder wrote:
>>
>>
>> On 12/13/2015 08:39 AM, Timothy Murphy wrote:
>>> Alice Wonder wrote:
>>>> One of the benefits of systemd is the dependency based parallel
> startup.
>>>> The same speed can often be achieved with system V init by fine tuning
>
2019 Nov 14
2
how to know when a system is compromised
I have not, I'll look into that one, thanks!
On 11/14/2019 9:48 AM, SternData wrote:
> Do you run rkhunter?
>
> On 11/14/19 9:40 AM, Christopher Wensink wrote:
>> How do you know when a Linux system has been compromised??
>>
>> Every day I watch our systems with all the typical tools, ps, top, who,
>> I watch firewall / IPS logs, I have logwatch setup and