10 replies to this topic

[Oigen]

Ask yourself this. Do you have anything really of any worth to a hacker? If not, then why go through all the hassle?

[rumen]

Maybe some secret or confidential info is kept inside? :) Just kidding.

[LissaValerian]

I'm more concerned with someone hacking my site and using it for spam or phishing. I've seen that kind of thing, I HATE that.

[imported_envoy14]

ya ... i agree whats the point of having all this security?

[LissaValerian]

Give me access to your system and I'll show you. ;-)


j/k


:-)


<< ONLY KIDDING !!! >>

[Tor]

I'm not interested in protecting my personal PC because of that reason. I have nothing worthy of stealing nor am I online long enough for users to brute-force crack my passwords.

[rumen]

Tor said:

I'm not interested in protecting my personal PC because of that reason. I have nothing worthy of stealing nor am I online long enough for users to brute-force crack my passwords.

Same here. All the hackers could find here are some movies and MP3's:)

[LissaValerian]

I'm just more concerned about people taking over the systems and using them as spambots and such. That is a concern for me. It's not that I'm concerned about my own personal safety or identity, but I'm concerned about my box being used for other nefarious purposes and then it being traced back to me even though I may have had nothing to do with it. I just think it's important to keep the box secure. Just don't go all paranoid over it like I can be tempted to do sometimes. :-/ At least, thats my thoughts on it.

~LV

[Oigen]

Yea, I guess making your system a spam bot, or your website a phishing host could be pretty disturbing. However, the default security linux provides should be pretty much enough to block that. But what do I know?

[LissaValerian]

EugenS said:

Yea, I guess making your system a spam bot, or your website a phishing host could be pretty disturbing. However, the default security linux provides should be pretty much enough to block that. But what do I know?

I would be tempted to say not. A couple of years ago one of my webservers was hacked and someone had put one of those phishing subsites on one of my domains. First off, it wasn't even the default security, I had root kit detection, I had a bunch of firewall and other stuff. Apparently what had happened was someone had taken advantage of a vulnerability in some application I was running at the time that wasn't fully patched. There was a reason it wasn't fully patched, I forget what now. But now I watch this stuff a little more closely. But when I suddenly saw my traffic spiking and hitting a page I didn't even know existed, it wasn't long before I realized that someone had installed a bogus paypal phishing site on my webserver.

So, yeah, they don't care about YOU or ME, they just want our servers to hide their own identities while they commit their crimes and steal other peoples money. Anyways, this was a few years ago, and I learned to tighten up my system after that.

But out of the box linux is still open for hacking. It needs to be hardened, secured, updated, patched, etc.

Yes, it's much much better than windoze, of course, since most people who use windoze don't know what they're doing so of course hackers are going to target the idiots. Linux just takes more work, but they still do it.

~LV

[Valor]

From what I have seen hackers want to use your server to benefit them financially. They will put an iframe on your website, phising site, spam bots, IRC DCC Bots and anything they can that will benefit them somehow.

Then you have the other brand of hackers that 'rm -rf' everything....