Registered Member #190
Joined: Fri Feb 17 2006, 12:00AM
Location:
Posts: 1567
I know so little about server management and how people break into them. Are there any books that teach one how to run a server at home? Do any go into the details as to how someone breaks into the security?
Registered Member #1403
Joined: Tue Mar 18 2008, 06:05PM
Location: Denmark, Odense C
Posts: 1968
I think it comes down to always having updated software, having a strict firewall policy and knowing exactly which services are running with external access.
To avoid all this hassle I have put my faith in using a Synology DiskStation; they have stepped up security a lot over the last year and it is easy to manage, with low power consumption / noise.
Registered Member #65
Joined: Thu Feb 09 2006, 06:43AM
Location:
Posts: 1155
Actually, a problem can be the lack of practical understanding of how these systems work. In general, I often recommend people start by administering a LAMP stack on a hobby VPS ($24/yr), and get a domain name with an anonymous whois record ($12/yr)...
Guidelines:
1. Learn how to back up your data off-line, and the use of gpg encryption utilities
2. Only install the bare minimum number of services (a web-server should not have much on it)
3. Learn how to do this stuff on the command line, as desktops or web administration tools open more holes
4. Regularly check /var/log/, file system signatures, and traffic profiles
5. Eat your own FUD by learning why Red Hat/Debian server communities are popular
6. Most technical problems are already solved, but if you have time to write a book... you're likely doing it wrong....
7. No tool is appropriate for every situation, and different people develop their own recipes for handling different types of problems (firewall rules for example)
8. Test your own equipment with the same annoyances other people use (Dfind, Nessus, and so on...). Your servers will constantly be scanned by bots looking for holes on the Internet (like WordPress/phpMyAdmin etc.)... And you can add your own fail2ban filters to update firewall rules.
Check if the VPS IP you just rented is on the spammer black lists: spamhaus.org
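An added example, not part of the posts in this thread: a minimal Python sketch of the log check that guideline 4 and the fail2ban remark describe, flagging clients that repeatedly request WordPress/phpMyAdmin paths and get 4xx responses. The probe path list, the thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/nginx "combined" log line: client IP, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# Assumed list of paths bots probe for; tune it to what you do NOT host.
PROBE_RE = re.compile(r'(?i)/(wp-login\.php|xmlrpc\.php|phpmyadmin|pma)(/|$|\?)')

def find_scanners(lines, max_hits=3, window=timedelta(minutes=10)):
    """Return {ip: hits} for clients with >= max_hits failed probe requests
    inside one sliding window (the idea behind fail2ban's maxretry/findtime)."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparsable line: skip it rather than crash the check
        if not m["status"].startswith("4") or not PROBE_RE.search(m["path"]):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append(ts)
    flagged = {}
    for ip, times in hits.items():
        times.sort()
        start = best = 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1  # drop hits that fell out of the window
            best = max(best, end - start + 1)
        if best >= max_hits:
            flagged[ip] = best
    return flagged

# Constructed sample log (documentation-range IPs, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2015:06:25:01 +0000] "GET /wp-login.php HTTP/1.1" 404 208 "-" "bot"
203.0.113.7 - - [12/Mar/2015:06:25:03 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 208 "-" "bot"
198.51.100.20 - - [12/Mar/2015:06:26:10 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2015:06:25:09 +0000] "POST /xmlrpc.php HTTP/1.1" 403 199 "-" "bot"
192.0.2.44 - - [12/Mar/2015:06:30:00 +0000] "GET /wp-login.php HTTP/1.1" 404 208 "-" "curl"
192.0.2.44 - - [12/Mar/2015:07:45:00 +0000] "GET /pma/ HTTP/1.1" 404 208 "-" "curl"
198.51.100.20 - - [12/Mar/2015:06:27:00 +0000] "GET /missing.png HTTP/1.1" 404 208 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    print(find_scanners(SAMPLE_LOG))
```

The flagged addresses are what a firewall rule or a fail2ban jail would then act on; ordinary 404s such as the missing image are deliberately ignored.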
Registered Member #902
Joined: Sun Jul 15 2007, 08:17PM
Location: Pacific Northwest USA
Posts: 1042
As a web hosting provider on the side, and an ethical hacker as my primary profession, I offer my advice below:
First, the points presented above are all valid, especially learning to understand the differences between the distributions and the tool chains.
Updates are paramount, especially with remote services. Firewalls are a must, but only work if the permitted services are not exploitable. However, most of the vulnerabilities found in the wild are now in the Application layer (layer 7 of the OSI model depending on which version you use). It used to be network based, but now frameworks such as WordPress and management tools are more popular targets than the servers themselves.
I personally use CentOS / Red Hat, with SELinux contexts set. I have rolled my own recipes all over, as most experienced server admins will do. There is no single way to protect your services that is ideal besides shutting everything off (which would defeat the point of having them in the first place).
Checking your logs is vital, and understanding what they mean. I recommend a log analysis tool. Splunk is free for less than 500 MB of logs a day (and that would be a LOT of logs. I run a hosting provider on the side and mirror a lot of major distributions, and I only recently started hitting that limit). I personally use Kibana 4 + Elasticsearch + Logstash (Kibana 4 has major improvements, so detractors check it out before commenting. I used to be the same way).
Lastly, have an understanding of your services, both technically where you can (how it works), and practically (why is it here). If you don't understand the reason why configuration.php for Joomla needs to be chmod 660 then take the time to research it (also, you should be able to answer that 660 might not be ideal for you, as long as the last item is 0 for no permissions for others). This will help you figure out what you really need to lock down your servers.
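An added example, not part of the posts in this thread: a short Python audit for the permission point above, listing sensitive config files whose last octal digit is not 0. The file-name list and the temporary web root it builds are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# File names treated as secret-bearing config (assumed list; extend for your apps).
SENSITIVE_NAMES = {"configuration.php", "wp-config.php"}

def other_access(mode):
    """Describe the permission bits held by the 'others' class, e.g. 'r--'."""
    bits = ((stat.S_IROTH, "r"), (stat.S_IWOTH, "w"), (stat.S_IXOTH, "x"))
    return "".join(ch if mode & bit else "-" for bit, ch in bits)

def audit_tree(root, names=SENSITIVE_NAMES):
    """Return [(path, octal_mode, others_bits)] for sensitive files whose last
    octal digit is not 0, i.e. every local account has some access to them."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name not in names:
                continue
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: judge the entry itself, not a symlink target
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IRWXO:
                findings.append((path, format(mode, "03o"), other_access(mode)))
    return sorted(findings)

def demo():
    """Build a constructed web root with three sites and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for site, mode in (("a", 0o660), ("b", 0o664), ("c", 0o640)):
            os.makedirs(os.path.join(root, site))
            path = os.path.join(root, site, "configuration.php")
            with open(path, "w") as fh:
                fh.write("<?php /* constructed sample */\n")
            os.chmod(path, mode)
        return [(os.path.relpath(p, root), m, o) for p, m, o in audit_tree(root)]

if __name__ == "__main__":
    print(demo())
```

Both 660 and 640 pass because the others digit is 0; which of the two fits depends on whether the web server's group needs write access to the file.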