Posted Saturday 15th December 2007 00:42 GMT
Dear Sir/Madam,
Your claims of being an El Reg Hack are currently being put into doubt. In order to re-establish your good name, I hereby require you to respond to the following question:
Why aren't you at the pub?
Posted Saturday 15th December 2007 00:42 GMT
There are a number of exploits that get loaded into Apache and then affect all sites hosted on the server. Tight sysadmin can make it harder for these varmints to get in. It sounds to me like this might be what happened here.
Posted Saturday 15th December 2007 01:07 GMT
Some times it's not what the Exec in a corp says but what he does(over a period of time) that tells you what their real intentions are. So do we go for three? ;)
Posted Monday 17th December 2007 03:33 GMT
Apache on its native *nix system does not use DLLs as they are windows implementation. Sure it uses libraries but it is a bit harder to convince a *nix system to load unauthorised ones...
Posted Monday 17th December 2007 03:36 GMT
Only do critical (i.e., related to money) work on a machine that doesn't cruise unfamiliar websites. Use that old dusty obsolete box for searches, then you (mostly) don't care if it is infected-- image the drive and re-install every now and then, no reason to waste money on antivirus for the dustbox.
Or use Knoppix or another read only media OS. There is no real reason to have only 1 physical machine anymore.
You can also use a brouter / EtherReal (or Snort/Ntop) and sniff what back alleys your PC is really visiting when you aren't watching! A TB drive will store a couple of years of trace information for most people if you aren't hooked on youtube or BitTorrent or such.
The only reason most of us haven't had our identities stolen yet, is that there are just soooo many easier targets... totally unprotected machines waiting to be plucked, or machines manned by children, while we all have at least antivirus, firewall, and don't promiscuously share admin/superuser privileges right? Eh... I don't see too many hands raised out there....
Posted Monday 17th December 2007 10:28 GMT
Some of us have actually bred and (and even live with a significant other), have neither the time, money or inclination to play Mr (or Ms) security expert at home
Also when it's your day (and fecking takes up too many nights too) you really will not be pouring over such items in what little spare time one actually has.
I do agree with the need for something like smoothwall (& a proxy) like rather than the pretty useless so called software firewalls.
Also your "May contain highly technical ...." icon / avatar was just embarrasing (but then there isn't one for "Lives at home with Mum and still plays Magic the Gathering")
Posted Monday 17th December 2007 11:44 GMT
I was doing some testing on my internal website using ie7 and scoped the traffic to try and find a bug. I was surprised to find that packets containing my typed data were being sent to an external IP address registered to MS, even while the real web dialogue was going on between the internal machines.
Posted Monday 17th December 2007 15:54 GMT
The only infection you probably have is from Microsoft. They've had the audacity in the past to look at what you're doing on your computer with Win95, and they're doing it again in Vista (and probably IE 7 as well).
Posted Monday 17th December 2007 19:59 GMT
Because I actually have to show up at work for my paycheck. Not that I have to do anything...
Sign up, sign up for The Register's weekly IT security newsletter - click here
Back to the article
