Re: Mud Machine hacked -- AntaresMUD

From: Roger Barlow (roger@the-link.net)
Date: 02/25/97


In my eyes, the only way to REALLY keep your system secure is to not allow
access to it. You can specify who has telnet access to your system by
editing the /etc/hosts.deny and /etc/hosts.allow.

			-Roger

On Mon, 24 Feb 1997, Gary Barnett wrote:

> I'm not sure this is on-topic.. yet I think maybe it can squeak by. If
> you feel it is off-topic enough to flame, flame away (to me, not the
> list, please)
> 
> I had a fun day today. Someone managed to hack into my mud server and
> wreak havoc on the filesystem. (Thank God for backups) Amazing what
> Linux does when it lacks the /bin /etc /var and /usr dirs. 
> 
> Nothing was lost except my time. (The intruder tripped over a security
> measure I had, so they only had root access for maybe a minute. Long
> enough to mess up the filesystem, but not long enough to sniff a bunch
> of packets or the like -- which my ISP was quite happy to hear I must
> say.) Interestingly enough it doesn't seem they were after the mud's
> code or a password file.. they just wanted to trash the machine.
> 
> I write this hoping someone can share some jewels of wisdom, or failing
> that, maybe a few words about how I'm not an idiot for spending my time
> running a mud. :-)
> 
> My questions:
> 
> 1) What do you do about Gods that get themselves kicked off your mud and
> decide revenge upon the server is the way to go? I am 90% sure that this
> attack was by a former God on the mud (at least the log that I recovered
> by using a sector editor seems to support the theory -- the site being
> the same.) The reason this God was asked to leave is another story.. one
> that I would be happy to relate.. but isn't germane to this post.
> 
> 2) What OS do you use? Do you consider it to be secure? I am currently
> considering BSDi and Solaris.. It seems fairly obvious to me that
> I'm not willing to spend the time it takes to keep a Linux system secure.
> At least the empirical evidence shows that to be true. :-)
> 
> 3) Of the people on the list who have had security break-ins.. what have
> you done to stop the attacks? (what do you do to stop the people from
> knocking on the door all the time? or.. what do you drink to stop you
> from caring that the barbarians are at the gate?)
> 
> Thanks in advance for your time.
> 
> --Mallory -- Imp of AntaresMUD (down for an OS replacement..
> if you hadn't guessed)
> 
> 
> 
> +-----------------------------------------------------------+
> | Ensure that you have read the CircleMUD Mailing List FAQ: |
> |   http://cspo.queensu.ca/~fletcher/Circle/list_faq.html   |
> |    Or send 'info circle' to majordomo@cspo.queensu.ca     |
> +-----------------------------------------------------------+
> 
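
Added example, not part of either post: a shell check of the two TCP wrappers files named in the reply above, reporting whether telnet is default-deny and which clients are let in. The daemon name in.telnetd, the sample rules and the 192.0.2.0 documentation range are assumptions; continuation lines and IPv6 clients are not handled.

```shell
#!/bin/sh
# TCP wrappers order: a match in hosts.allow grants access; otherwise a match
# in hosts.deny refuses it; otherwise access is granted. Without a catch-all
# deny rule, hosts.allow on its own restricts nothing.

# Print the active rules of a file: comment and blank lines removed.
active_rules() {
    [ -f "$1" ] || return 0          # a missing file is treated as empty
    sed -e '/^#/d' -e '/^[[:space:]]*$/d' "$1"
}

# Succeeds if hosts.deny ($1) refuses every client for telnet (or for ALL).
telnet_default_deny() {
    active_rules "$1" | grep -Eq \
        '^[[:space:]]*(ALL|in\.telnetd)[[:space:]]*:[[:space:]]*ALL[[:space:]]*(:.*)?$'
}

# Print the client patterns hosts.allow ($1) grants to in.telnetd or ALL.
telnet_clients() {
    active_rules "$1" | awk -F: '
        $1 ~ /(^|[ ,\t])(in\.telnetd|ALL)([ ,\t]|$)/ {
            gsub(/^[ \t]+|[ \t]+$/, "", $2); print $2
        }'
}

# $1 = hosts.allow, $2 = hosts.deny. Returns 1 when telnet is not default-deny.
audit_telnet() {
    if ! telnet_default_deny "$2"; then
        echo "OPEN: no catch-all deny for telnet; clients matching no rule are allowed"
        return 1
    fi
    clients=$(telnet_clients "$1")
    echo "RESTRICTED: telnet allowed only from: ${clients:-nobody}"
}

# Constructed sample files (not taken from any real host).
demo=$(mktemp -d)
printf '%s\n' '# constructed sample' \
    'in.telnetd: 192.0.2.0/255.255.255.0' > "$demo/hosts.allow"
printf '%s\n' '# refuse everything not allowed above' 'ALL: ALL' > "$demo/hosts.deny"
: > "$demo/empty.deny"

audit_telnet "$demo/hosts.allow" "$demo/hosts.deny"
audit_telnet "$demo/hosts.allow" "$demo/empty.deny" || true
```

On a real host, pass /etc/hosts.allow and /etc/hosts.deny to audit_telnet instead of the sample files.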




This archive was generated by hypermail 2b30 : 12/18/00 PST