Re: sendmail compromised - Somebody help me!
From: Ohmster (notareal_at_emailaddress.com)
Date: Tue, 26 Apr 2005 23:01:10 GMT
Adam <email@example.com> wrote in
> Glad I could be of help.
It is very much appreciated.
> One thing I forgot to say.
> If you can afford getting a router with VPN features, I would recommend
> doing that, putting your server behind it, allow only the bare minimum
> ports for SMPT, POP, HTTP, and any other basic service that you need to
> have connecting to the world, and make sure that ssh, FTP (unless it is
> absolutely necessary) are not accessible unless you are connected
> through VPN.
I do use an FTP server. It has to be accessible for simple, family
members. I run vsftp as both standard FTP for myself with login and
password, and also as anon so that I can give my family members an FTP
URL, directly to the write only incoming directory, and they can click
it. This brings up a blank, white Explorer window on their desktop. Then
the family member will highlight several photos in Explorer and they can
then drag them on top of the empty (Cannot see anything in there, write
only.) Internet Explorer window and let go of the mouse button. Then the
photos will copy over to the anon FTP server and I get pictures to post
on the family web site that way. My mom is over 80 years old and running
a standard FTP client, let alone VPN is pretty much out of the question.
For her and for most of the family. Click on URL, blank Internet Explorer
windows opens, drag the pictures on top of the blank Internet Explorer
window, and let go of the mouse button. Poof, the pictures are here.
> Also make sure that most server software, Apache for example are not
> running as a privileged users, and not using the standard nobody:nobody
> user and group, and for all other users, use strong, hard to guess
> usernames and passwords.
Very careful about that, would not want apache or anything else running
privileged. Web server runs as user "apache" and group "apache, neither
of which are privileged.
> It is scary how you would find usernames like test with passwords like
> test, password, nothing, secret, new, ...etc.
Yeah really. Thanks for helping out!
-- ~Ohmster ohmster at newsguy dot com