wirefire

Members
  • Content count

    61
  • Joined

  • Last visited

Community Reputation

0 Neutral

About wirefire

  • Rank
    HACK THE PLANET!

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    England
  1. yeah, now i disabled ssh on the interface which helps me connecting the internet.... (changes the listenaddress on /etc/ssh/sshd_config) will it work? Yes you can bind your ssh server to a specific interfaces. From the statement above it would suggest you have bound the service to the internal interfaces only. This is fine providing it does not need to be accessed from the internet. Is this server plugged directly into the internet or is it behind a nat device such as a firewall/router? The reason I ask is that if it is behind a nat device and it does not need to be accessed from the internet then I would also not forward this traffic to the server in the first place. If your server is plugged directly into the internet I would review your firewall rulebase for this service and others to ensure it is tied down as much as possible. Well its directly connected to the internet...the sad part is that i have plenty of services running for ltsp terminal services (nfs,dhcp,tftp)...and i have disabled firewall (iptables)...... I am thinking of re enabling it and configure it properly If thats the case you should definately reconfigure your firewall and make sure its enabled. If you cannot restrict access to your ssh server to specific ip addresses thats not a problem just harden it the best using the recommendations above and you should be fine.
  2. yeah, now i disabled ssh on the interface which helps me connecting the internet.... (changes the listenaddress on /etc/ssh/sshd_config) will it work? Yes you can bind your ssh server to a specific interfaces. From the statement above it would suggest you have bound the service to the internal interfaces only. This is fine providing it does not need to be accessed from the internet. Is this server plugged directly into the internet or is it behind a nat device such as a firewall/router? The reason I ask is that if it is behind a nat device and it does not need to be accessed from the internet then I would also not forward this traffic to the server in the first place. If your server is plugged directly into the internet I would review your firewall rulebase for this service and others to ensure it is tied down as much as possible.
  3. Generally these types of attacks or very common and are propergated by worms. It could very well be a machine behind that ip address is infected with some malicious code and is searching for ssh servers. To be honest i am not sure whether I would waste my time informing them instead I would ensure my ssh server is as secure as possible whilst ensuring its availability. A few things you could do to secure your ssh setup are as follows; 1) Create a firewall rule to only allow ssh traffic to your server from specific ip addresses (if possible). 2) Disable the use of passwords and use publickeys. 3) There are scripts such as "DenyHosts" which can be used to monitor for exactly this thing. If a user attempts to ssh using X amount of incorrect password attempts you can block them indefinately or for a period of time. 4) Ensure you are only using ssh 2! 5) Create an "AddUsers" sections where you specify only the usernames on your machine which are allowed to be used to ssh to the server. If you do decide to stick with password authentication I would advise to ensure that all users passwords are complex/long enough that they are not succeptable to a dictionary attack!!!
  4. I too will vouch for governmentsecurity!
  5. Nice Background
  6. Kaspersky is also a very good antivirus system.
  7. Does anyone know if there are any plans to support binrev over https?
  8. Get yourself a firewall / intrusion detection system that has an event log.
  9. antone know any joke aplications? Anything with microsoft before it
  10. Dos

    Ping of death is an old denile of service which should be well patched these days, smurf software???? papasmurf.c? fraggle.c? By the way i do not condone ddos, its lame and could get you in serious trouble. Have fun finding the broadcast amplifiers!
  11. Is it possible to hack into a password-protected wired / wireless router that you are connected to? Of Course! Also what is the difference between 192.168.0.1 and 192.168.1.1? I've heard that they are used to access and configure the router; 192.168.0.1 does this for me but 192.168.1.1 does nothing. As mentioned above your wireless router will be your default gateway. The ip addresses you mentioned are typical defaults however it it could be neither or at most one of these. The best way to find the default gateway (router) is to; linux: ifconfig -a windows: ipconfig /all
  12. I can't speak for irssi-proxy as i have never used it however i used psybnc along time ago and it worked fine. I would be scepticle however if there is no encryption support these days especially on a free shell provider as they could easily sniff your connection for your nickserv password and conversations etc.
  13. Neither and both of you are right. I am your neighbour you have access to my poorly secured wireless network. One day i get suspicious that someone else is using my connection. If i don't actively do anything nothing will change so you will continue to have access. If i decide to change the administrator management password, enable a known good encryption algorith with a strong key, you are almost certainly going to be locked out. Ways you can circumvent this is by locking the user out of the own router by changing there management password although if they know a little bit they could hard reset it and you can't stop that. To be honest i think you answered yourself in your own question.
  14. Just found this url hxxp://freenode.net/faq.shtml which confirms what i said above but also may prove useful in recovering your name.
  15. You could type /stats -p which will either list available irc operators or alert them to message you. They should be able to point you in the right direction. Don't type the command more than once though as it will make them angry! When you registered your nickname did you specify your email address?