BlackHatCrew - Elite Blackhat SEO Webmaster Forum - View Single Post

pussyluver · 12-26-2007, 09:01 AM

3. Disable Plaintext Logins for Root.
Obvious

4. Services DO NOT Get to Run as Root
Not gonna list a screen cap of my PIDs - Think my host read the article or knew the issues before they did the setup of the box. The right provider is key unless you're a guru yourself.

5. You Should Sign into Every Server you Own at Least Once a Week and Watch Things.
agree. Even if you don't understand everything, anything that does raise a flag can be researched or you can ask your provider. Fuck, a manual comes on the machine... Then there is google or as a last resort GFY.

Seriously, your best source if things are serious are your peeps. Those you know you can trust, even with your passwords.

6. Uninstall and Remove Zend Optimizer if Possible
Does CT need Zend Optimizer? We could use a discussion about CT sometime. Sixzeros has always gone the extra mile. Still it is software and all software is a risk...

7. Know Your Box.
Fo sure. Look often, see something you don't like find out. Fail to do this at your own risk. Speaking from experience of course. Look daily. Monitoring software makes sense. A seperate thread on that should be up if not already.

8. If Your Box is Compromised.
Unless you physically own the box, the host is not gonna ship it to ya. Plus they may beable to interrupt what went on better than you can if you're not a guru. Still looking at logs provides a wealth of information.

Reporting a hack to authorites may be more involved and take more time than it is worth, something to consider. If you haven't been through it, talk to someone that has.

So unless it involves stollen cc number or equally valuable info, prolly best to learn from the event and figure out a fix or protection. Then get your shit up on another box ASAP.

Taking a box down hurts seo, trades, income. Dreamhost is so cheap it's not funny, so you could get a site back online fairly quick if you grabbed an account from them and changed DNS info. BTW, they do mirroring. That could be an answer depending on what the exact issues were. If you're in trouble, your host provider can prolly get a second box up too and move the data fast.

Parting thought on the list that would apply to most of us here I think. Who you host with is paramont. If you can't stand the downtime, then you need tech support+++++ and the ability to contact the individual to get to the companies best brains to resolve an issue. That's even if it is on Christmas day at 3:00 am.

12-26-2007, 09:01 AM	#4 (permalink)
pussyluver member Join Date: Oct 2007 Posts: 417	3. Disable Plaintext Logins for Root. Obvious 4. Services DO NOT Get to Run as Root Not gonna list a screen cap of my PIDs - Think my host read the article or knew the issues before they did the setup of the box. The right provider is key unless you're a guru yourself. 5. You Should Sign into Every Server you Own at Least Once a Week and Watch Things. agree. Even if you don't understand everything, anything that does raise a flag can be researched or you can ask your provider. Fuck, a manual comes on the machine... Then there is google or as a last resort GFY. Seriously, your best source if things are serious are your peeps. Those you know you can trust, even with your passwords. 6. Uninstall and Remove Zend Optimizer if Possible Does CT need Zend Optimizer? We could use a discussion about CT sometime. Sixzeros has always gone the extra mile. Still it is software and all software is a risk... 7. Know Your Box. Fo sure. Look often, see something you don't like find out. Fail to do this at your own risk. Speaking from experience of course. Look daily. Monitoring software makes sense. A seperate thread on that should be up if not already. 8. If Your Box is Compromised. Unless you physically own the box, the host is not gonna ship it to ya. Plus they may beable to interrupt what went on better than you can if you're not a guru. Still looking at logs provides a wealth of information. Reporting a hack to authorites may be more involved and take more time than it is worth, something to consider. If you haven't been through it, talk to someone that has. So unless it involves stollen cc number or equally valuable info, prolly best to learn from the event and figure out a fix or protection. Then get your shit up on another box ASAP. Taking a box down hurts seo, trades, income. Dreamhost is so cheap it's not funny, so you could get a site back online fairly quick if you grabbed an account from them and changed DNS info. BTW, they do mirroring. That could be an answer depending on what the exact issues were. If you're in trouble, your host provider can prolly get a second box up too and move the data fast. Parting thought on the list that would apply to most of us here I think. Who you host with is paramont. If you can't stand the downtime, then you need tech support+++++ and the ability to contact the individual to get to the companies best brains to resolve an issue. That's even if it is on Christmas day at 3:00 am.