I'm not sure this is on-topic.. yet I think maybe it can squeak by. If you feel it is off-topic enough to flame, flame away (to me, not the list, please).

I had a fun day today. Someone managed to hack into my mud server and wreak havoc on the filesystem. (Thank God for backups.) Amazing what Linux does when it lacks the /bin /etc /var and /usr dirs. Nothing was lost except my time. (The intruder tripped over a security measure I had, so they only had root access for maybe a minute. Long enough to mess up the filesystem, but not long enough to sniff a bunch of packets or the like -- which my ISP was quite happy to hear, I must say.) Interestingly enough, it doesn't seem they were after the mud's code or a password file.. they just wanted to trash the machine.

I write this hoping someone can share some jewels of wisdom, or failing that, maybe a few words about how I'm not an idiot for spending my time running a mud. :-)

My questions:

1) What do you do about Gods that get themselves kicked off your mud and decide revenge upon the server is the way to go? I am 90% sure that this attack was by a former God on the mud (at least the log that I recovered by using a sector editor seems to support the theory -- the site being the same.) The reason this God was asked to leave is another story.. one that I would be happy to relate.. but isn't germane to this post.

2) What OS do you use? Do you consider it to be secure? I am currently considering BSDi and Solaris.. It seems fairly obvious to me that I'm not willing to spend the time it takes to keep a Linux system secure. At least the empirical evidence shows that to be true. :-)

3) Of the people on the list who have had security break-ins.. what have you done to stop the attacks? (What do you do to stop the people from knocking on the door all the time? Or.. what do you drink to stop you from caring that the barbarians are at the gate?)

Thanks in advance for your time.

--Mallory
-- Imp of AntaresMUD (down for an OS replacement.. if you hadn't guessed)

+-----------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://cspo.queensu.ca/~fletcher/Circle/list_faq.html     |
| Or send 'info circle' to majordomo@cspo.queensu.ca        |
+-----------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/18/00 PST