(aol-voice) "You've got hackers!" (/aol-voice) - Lograh — LiveJournal

Wednesday, 25.Sep.2002

10:31 - (aol-voice) "You've got hackers!" (/aol-voice)


I get a message from the network guys: "We've shut down your server's network port because it was launching a DoS attack against the world, give us a call at xxxxxx."

Shit.

I run over to the box, start looking through it and I find that it's been hacked for a month now, running a rogue FTP server (at least 10 different movies uploaded so far, all of them crap) some hacker installed. I also find about 5 or so random services I don't recognise.

So, an hour of housekeeping later, I call them up and have them turn it back on and it's not tried hitting anyone yet. Here's hoping I got it. Problem is, even if it is clean now, I did a hack job of it and I'll have to go back over it with a fine-tooth comb sometime this week to make sure it's good.


I'm not mad at all at the hackers, hell I used to be one and I view them as doing us a great service. I am pissed as all hell at Microsoft for making a system that is so damn faulty and buggy that it is impossible to secure it properly. If this had been a unix box (I don't care what flavor) then securing it would have been a simple matter of just turning off the services you don't need and patching the ones you do, and a few other tweaks and you are good to go. Damn Fscking Microshaft Windoze isn't anywhere NEAR as easy to secure. Sure, you can streamline the services (I had), and you can update every bloody patch there is (I had), and you can follow all the basic security procedures and you are still WIDE OPEN!

My job would be so much easier if we weren't running Microsoft.

Current Mood: annoyed

Comments:

From: macklinr
Date: 11:04 25.Sep.2002 (UTC)
I would personally place the source of frustration on malicious fuckers. Hackers or not (and let's be honest, that's not a hacker, that's some script kiddies or just your common household cracker).

I would also place my frustration on Microsoft. But that's because I have a lot of frustration to give. ;)

From: lograh
Date: 11:11 25.Sep.2002 (UTC)
Well, yeah, I wasn't claiming the little shit was smart. And since whoever it was didn't delete anything from my system, I won't say it was a particularly malicious act. They just used my box as a stepping stone to attack other boxes.

From: macklinr
Date: 11:34 25.Sep.2002 (UTC)
How's it not particularly malicious? To overblow the analogy, it's just as malicious (well, even more so) to break some computers with a wrench than it is to just break that wrench.

From: lograh
Date: 11:51 25.Sep.2002 (UTC)
It wasn't particularly malicious since they did not interrupt any services running on the machine, they did not delete any information, they did not change any user accounts, etc...

All they did was exploit some hole to gain access and from there they launched attacks from it against other servers. All I had to do to get my machine back up was to delete a few files, shut down some services, and modify the accounts. My machine has been running for an hour now without attacking anyone else, so we're guessing I got it. I'll have to look more closely and try to close up whatever hole it was they used to get in, but for now it's running and providing the services we need it to. I lost, at most, 15 hours of network connectivity because the message from the network guys got to me late. Had I gotten the message yesterday when they left it, I would only have lost 2 hours of network connectivity.

That's not a particularly malicious hack.