Thread: hacked server
View Single Post
  #15 (permalink)  
Old 07-09-2009, 07:37 PM
Spiral's Avatar
Spiral Spiral is offline
Registered User
  
Join Date: Jun 2005
Location: Area 51
Posts: 1,501
Spiral is on a distinguished road
Lightbulb
Quote:
Originally Posted by sphost View Post
Spiral, i really appreciate your offer, thing is that server were formatted, and my DC did a reinstall so what i am basically looking for is someone to secure my server not to restore it.
That would be my primary professional specialty!

I could help you diagnose the issue and track down the source of the
original attack but if you already reloaded the server, there is not much
use in that so yes the next step would be to secure the server and
I definitely can help you with that far beyond your wildest dreams.

Generally it is good to dig through things for forensic purposes before
blowing away the server but since you've already jumped ahead,
not much can be done other than to press forward with getting
you re-setup again and secured so this doesn't happen again.

Quote:
as for your free offer, i do appreciate it as well, but i prefer to pay for what i get. while IT IS so kind of you, still i really cant accept that. however, if you are serious about helping me to do it myself, this will make me learn a lot, i recommend that you post a SECURE YOUR SERVER type of thread in public so other people benefit from it as well, like this thread which is very usefull but unfortunatly i did all what is mentioned there but my server got hacked so looks like there is a lot more to be done.
There is absolutely a WHOLE LOT more to be done!

If you have read my posts here, you will see that I often address
many issues that are often overlooked. While the "secure your server"
type threads here and elsewhere are useful for the basics, they often
overlook many of the more important areas where you might be vulnerable
and the hackers out there aren't going to be so ignorant. The bigger
thing to know and understand is "how things work" and the reasons why
there are vulnerabilities. A hacker doesn't think about where you have
secured your server so much as what you may have missed.

Regarding posting a thread, I'm actually in the process of doing much
better than that. I have a new book that is coming out soon that
will have a CD that automatically secures everything for Linux servers
particularly those running Cpanel or Plesk. Once we get the bugs
worked out in that program and some of the licensing issues, I'm
considering posting a link to downloading it on here so that may
be coming along fairly soon.

Now regarding your mentioning "you did all", I would like to sit down
with you and discuss exactly everything you can remember you did
originally as that will give me some insight as to your original configuration,
the areas you may have missed, and where you more likely got hacked,
and also would tell me what areas I may need to bring you more up to
speed on and get you to strengthen your understanding.

Regarding your offer to pay, I won't recend my offer but I'll do it this way.
If you think my help to you is valuable, you can go ahead and pay me
what you think it is worth to you. Fair enough?

I'll be offline for the next hour or so as there is a place I need to be
but I'll be online most of this evening if you want to try to catch up
to me. I left you a message yesterday with my contact info so that
you can reach me outside of the private messages here.
Reply With Quote