| d2r diego's weblog |
under attackThrough the last week the clevercactus site has been sporadically unavailable, and it's down right now. This means no web, no service, no emails getting through. If you're trying to get through to clevercactus and can't please let me know through a comment or email to my personal address. What happened is that we were attacked (I'm not sure when) and someone left a number of scripts there that are flooding the system (they do other things too, but at least one of them is clearly written simply to flood the network and disable it). This is something obviously intended to bring down clevercactus, not just a simple hacking. Why? What do they gain by bringing down the service of a small company that is going through hard times? This kind of thing makes me sad, and is really discouraging. I had this whole thing planned for today, getting the manifold site up and so on but now I'm going to spend time trying to see how to route around the problem for now until we can determine the extent of the hack. I don't even know how they got in yet--we constantly update our software with the latest patches. Needless to say, I'm seriously reconsidering the whole of the software I use and how to set it up so that this doesn't happen again. Anyway. We'll see how it goes. Categories: clevercactus, soft.dev, technologyPosted by diego on December 16 2004 at 2:31 PM Comments (please see the comments & trackback policy).
This sucks. Let's hope you find out what happened and what can be done to prevent it in the future. If you have the energy, you can investigate OpenBSD (http://www.openbsd.org) for an alternative Unix that tries hard to be secure by default. Posted by: Gustaf Erikson at December 16, 2004 3:26 PMThis is really distracting, I can feel with you. Good luck and best wishes. Posted by: Gerd Riesselmann at December 16, 2004 3:55 PMPerhaps they know of a vulnerability that the manufacturer of your system doesn't know about? In any case, these links to computer forensics and security might be of some use. A new book by Dan Farmer and Wietse Venema on issues such as you are having now. Lots of cool articles and tools to secure UNIX-like systems. Latest issues in computer security. And the infamous zine on hacking. Oh, just as an aside I think that the Mac running OS X is probably one of the safest systems around. I remember reading in a computer security book that the US Army uses OS X for their website and it has never been hacked unlike the FBI, Whitehouse and CIA websites. Posted by: Rafael at December 16, 2004 10:31 PMThere are secure Linux systems. The RIAA has one (open source IIRC) and there is also Bastille. Or, you can put together a Debian stable distro and keep it actualized through the security-updates (they're automatic). Sorry, guys. These kind of things are annoying. Posted by: Ignacio at December 17, 2004 8:51 AMThanks, all. Btw, we do use Debian stable with automatic updates. It seems they got in through apache, although I'm not completely sure. If so, it's either a problem with the autoupdate system in Debian, or an apache vulnerability that hasn't been fixed yet... Posted by: Diego at December 17, 2004 9:07 AMCopyright © Diego Doval 2002-2007.
|