We didn't shut anyone down, the owner of the site sold it. We didn't force him or anything.
Printable View
We didn't shut anyone down, the owner of the site sold it. We didn't force him or anything.
Go google the metasploit project. That should help you test your environment.Quote:
. I will be interested in finding such a site coming up pretty quick - I need someone to pen-test my server (once I get the POS back up next week >.<).
1. Antionline is too slow (speed-wise - that's really my biggest complaint..this is a vBulletin running on what?)
2. The people who made AO have moved on. I'm not talking about JP (although he's problably "moved on" as well).
3. The moderators are awfull. Gore, Negative, Red, the Johnno guy... \
gore - I can count on one hand the number of times someone has ever complained about me. Probably because I don't close threads every 5 minutes like some were doing. I also have solved MANY problems between users. And the rest was mostly deleting and banning Spam, and moving threads to the proper forum. I haven't done anything wrong.
Negative - He's been banned from here for almost a year for being an ass.
Red - I have no idea who you're talking about. There is no "red".
Johnno - Nihil? Again, considering that he and I are the only ones here anymore, and we take on the whole thing ourselves with Joe's assistance.... You've made one post after joining a year ago. Hard to take that seriously.
http://www.youtube.com/watch?v=R5kPUFxXYLs
and as a note to the whole thread, I still don't know why everyone is still on what once was.....
Yeah, I don't get it either. Who started this ridiculous thread anyway? :rolleyes:Quote:
Originally Posted by SnugglesTheBear
Thanks Horse. Yeah, I fooled around with it a while back, but I'll give it another go. What I really want to know is - what is the likelihood of compromising a SOHO with the following:Quote:
Originally Posted by TH13
Linksys WRT54GL wireless router - WPA2 Personal wireless security, forwarding ports 80 and 22 to the Slack Server.
Slackware 13.0 web/file server - Samba, SSH and Apache w PHP. IPTables setup to allow no more than 3 failed SSH login attempts before blocking attempts for 10min. No forms, fileshare available via .htaccess login and password (all strong passwords).
Windows XP Home Ed Desktop - fully patched, updated, no exploitable services running
Windows XP " " Laptop - " " " " " " "
Windows 7 64 Ultimate Desktop - " " " " " " "
Mind you, when I say "likelihood of compromising," I mean from the outside, assuming everything inside the network stays the same.
I may just start another thread for this question... :p
I hit them up without even trying to be honest. This... I'd probably flat out ask for htaccess then upload my own scripts.
The likelihood of compromise is a function of the determination of the one trying to compromise your environment and the value/reward for doing so.
This is the same argument I make when someone asks me to place an absolute value on residual risk. The dirty little secret is, you can't.
That said, should *every* variable be correct, you shouldn't be an "easy" target because you're doing the basic due dilligence of attempting to limit access.
You started it ;)
Also, that's a neat set up you have there. I've been using Slackware 12.0 on my FTP Server for... A LONG time. Back when I was setting it up, I think I had 10.0 on it, and I didn't upgrade until 12.0 because for some reason, 11.0 didn't like some of my stuff. So I just stuck with what worked. Eventually, when I upgraded, I did it in a manner to coincide with me adding another Hard Drive. I figured if the machine is going to be down for a hardware upgrade, I might as well upgrade the OS too.
Worked out well. Also, remember in Slackware to do this:
vim /etc/securetty and to add only one. This way Root can only log in from that console. Fairly common, but useful none the less :)
And Horsey, nice to see you got off your ass and came around again! Now if you'd get your ass up here for a visit!
Don't get used to me being here. I simply poked my head in to see if there was any life left here. Clearly there is not. I know it's a hard pill to swallow but internet.com has not seen the light here. The site is not providing value to real security professionals. The site is more or less a level 1 helpdesk with some lingering post wh0re$ who post for the sake of posting. It's sad really. This was once a wonderful place that I loved being part of.
I will poke back in again in 5 or 6 months to see if anything has changed. In the mean time, back to real security issues...
;)