dopetalk

Technology => SMF Forum Code Modifications => Topic started by: smfadmin on June 28, 2015, 09:03:51 AM

Title: Site Security
Post by: smfadmin on June 28, 2015, 09:03:51 AM
guys, i will be looking at improving site security over the next few weeks.

your mail addresses are only available to admins.

we are also protected by the fact that we are small and thus, relatively private.
Title: Re: Site Security
Post by: Narkotikon on June 28, 2015, 11:34:21 AM
When you say that e-mail addys are only available to admins, do you mean:

1.  that only admins can see e-mail addresses, and regular members can not see them?

OR

2.  that only admins can e-mail other members, and regular members can not e-mail other members?

Title: Re: Site Security
Post by: Chip on June 28, 2015, 04:28:32 PM
1. only.
Title: Re: Site Security
Post by: Narkotikon on June 29, 2015, 09:58:36 AM
Thanks for clarifying, Chipper. 

Glad that regular members can still e-mail each other.
Title: Re: Site Security
Post by: Chip on June 29, 2015, 11:54:57 AM
as far as compliance goes, I have enabled PM's for regular users; I can dump out logs and database tables if need be, for review IF I suspect anything.

I will be following Chopstix's suggestion on Opio - and lock us down.
Title: Re: Site Security
Post by: Chip on June 29, 2015, 09:19:17 PM
the only access to ISPConfig is by a non-standard password for admin - one issue fixed.

note: the Metasploit software (msfconsole) is installed.

may look at locking down ports, too ...
Title: Re: Site Security
Post by: Chip on July 04, 2015, 02:36:25 PM
many ports locked down now.

untested as of yet.

see "iptables" in this forum.
Title: Re: Site Security
Post by: david on July 05, 2015, 08:48:18 AM
Nark, i have to revise Chipper's reply ... regular members can see email addresses but guests cannot.

it's this way so people can email each other outside the internal messaging systems.
Title: Re: Site Security
Post by: Chip on August 24, 2015, 03:37:13 PM
fail2ban and Rootkit Hunter version 1.4.2 all installed and config'ed.

did you know ? we get an attack every few minutes. are they drug haters ? no, just opportunistic, predatory software. it really is nasty out there in 'netland !

less apps but they still are on index.html
 
Title: Re: Site Security
Post by: Sand and Water on August 24, 2015, 07:34:10 PM
'Morning Chipper :)   I know next to nothing about this stuff, but your comment made me curious:
 These attacks... how does it work?   Does some turd write a program that then goes out & tries to attach itself to whatever it can? 

Also, my understanding is, that the results of such are frequently malicious, but why is it done in the first place (beyond a pride 'lets see if I can break this toy' thing)?

ps. I know I just asked 2 super simple questions with VERY complex answers, so if you're too busy, no worries :)  have a great day/night! s&w
Title: Re: Site Security
Post by: Chip on August 24, 2015, 07:56:48 PM
internet security is as new to me as it is to you because the smart guys at Opio pointed out my holes only recently.

i don't get it either - why fucking try to be nasty (? !) but i think that their main purpose in life is to "spamadvertise" once they take over a site and they just probe all IP's and try all sorts of "typical" access attempts and try registration-less forums like my first online experience.

for example, one doesn't build the website from here, no (this is just the forum), i do it through a Linux console. like Microsoft DOS used to look like and running CentOS 6.7 software (like RedHat).

i access the root user using "ssh", then login using my name and password. all some software has to do is try its luck by emulating what i would do.

now when i first started the site forum by myself, i waived the Registration process and didn't think to modify it then the next few days i had, man 100's of members all saying "CIALIS VALIUM etc." man, i was pissed as i had to delete those fuckers - there are forum bots and crawlers (for Search Engines) and all sorts of automated "processes" going on out there - i had to start banning, then stopping multiple login attempts using ssh and build a basic firewall

the dollar, the root of a lot of evil, is at the heart of it, no fucking doubt.
Title: Re: Site Security
Post by: Sand and Water on August 24, 2015, 08:40:36 PM
Thanks for the explanation :)   My brother runs IT for a global company but he has very little patience for 'kindergarten questions'.  I STILL remember when my daughter was about ten, him telling her in no uncertain terms that she *could* use his 'puter when we visited, but under NO CIRCUMSTANCES could she go to Disney, Nickelodeon, etc.

He tried to explain about firewalls etc, but.. we both adore him, we just know he kinda goes into his own little bubble (muttering to himself etc), when working & WOE UNTO THOSE who interrupt lol. (She of course obeyed his boundaries lol).

Your spamvertising idea makes sense.  I wonder if it's only a small fraction who write for malicious reasons & many more do it to prove their skills... hmm each question brings another to mind, like, do programmers worry about the consequences or discuss the ethics of this with their peers? I don't blame you for being po'd about all that spam!

Lol not enough coffee yet. Thank you SO much for all your hard work (& of course all who help w/this Greek stuff)--obviously we wouldn't be here without it!
Title: Re: Site Security
Post by: Chip on August 24, 2015, 09:59:16 PM
i'm more open about this stuff ... you are most welcome.

ethics ? that's the billion dollar question ... most techies you can trust but the guys who write this crap do so for financial or personal gain - there's a lot of unfairness out there and disgruntled IT workers and who knows what else ?

all i know is that it has to go ...  :)
Title: Re: Site Security
Post by: Narkotikon on August 25, 2015, 08:38:13 AM
Quote from: Sand and Water on August 24, 2015, 08:40:36 PM
Thanks for the explanation :)   My brother runs IT for a global company but he has very little patience for 'kindergarten questions'.  I STILL remember when my daughter was about ten, him telling her in no uncertain terms that she *could* use his 'puter when we visited, but under NO CIRCUMSTANCES could she go to Disney, Nickelodeon, etc.

Just out of curiosity, why didn't your brother want her going to Disney or Nickelodeon?  I find that funny.  Personally I think Disney is evil.  They're like neo-Nazis and ultra-conservative IMO. 

I don't know any of this IT stuff either.  I just try to help out by answering questions, editing things for people, helping to resolve conflicts (when I'm able), and be on the lookout for gay slurs.  Chipper appointed me monitor of gay bashing a while ago.  I don't know if he was serious, but I'm glad to help in that facility.  I will say I've never seen any homophobia in anything I've read so far.  I think our community is generally intolerant to that type of thing. 
Title: Re: Site Security
Post by: Chip on September 29, 2015, 08:26:42 AM
current /etc/sysconfig/iptables:

# Generated by iptables-save v1.4.7 on Mon Jul 27 09:52:16 2015
*nat
:PREROUTING ACCEPT [1453:78082]
:POSTROUTING ACCEPT [173:14853]
:OUTPUT ACCEPT [173:14853]
COMMIT
# Completed on Mon Jul 27 09:52:16 2015
# Generated by iptables-save v1.4.7 on Mon Jul 27 09:52:16 2015
*mangle
:PREROUTING ACCEPT [21373:4645726]
:INPUT ACCEPT [21371:4645622]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [18538:14867372]
:POSTROUTING ACCEPT [18538:14867372]
COMMIT
# Completed on Mon Jul 27 09:52:16 2015
# Generated by iptables-save v1.4.7 on Mon Jul 27 09:52:16 2015
*filter
:INPUT ACCEPT [30:3870]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [266:92933]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2525 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 873 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
COMMIT
# Completed on Mon Jul 27 09:52:16 2015
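
Added example, not part of the post above and not the forum's own code: a small Python check over iptables-save output that flags two things visible in the posted filter table. The INPUT chain's default policy is ACCEPT and no catch-all DROP follows the port rules, so the per-port ACCEPT rules do not close any port, and the port 25 rule appears twice. The embedded ruleset is an abridged copy with counters zeroed, and the function name audit is made up for this example.

```python
import shlex

# Abridged copy of the *filter table posted above (counters zeroed, some ports omitted).
RULESET = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2525 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""

def audit(text, table="filter"):
    """Return a list of findings for one table of iptables-save output."""
    policies, rules, current = {}, {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):            # table header, e.g. *filter
            current = line[1:]
        elif current != table or not line or line.startswith("#"):
            continue
        elif line.startswith(":"):          # chain declaration with default policy
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
            rules.setdefault(chain, [])
        elif line.startswith("-A "):        # appended rule
            tok = shlex.split(line)
            target = tok[tok.index("-j") + 1] if "-j" in tok else None
            rules.setdefault(tok[1], []).append((tuple(tok[2:]), target))
    findings = []
    for chain, policy in policies.items():
        seen = set()
        for spec, _ in rules[chain]:
            if spec in seen:
                findings.append(f"{chain}: duplicate rule {' '.join(spec)}")
            seen.add(spec)
        # Heuristic: only a rule that is nothing but '-j DROP/REJECT' counts as a catch-all.
        catch_all = any(len(s) == 2 and t in ("DROP", "REJECT") for s, t in rules[chain])
        accepts = sum(t == "ACCEPT" for _, t in rules[chain])
        if policy == "ACCEPT" and accepts and not catch_all:
            findings.append(f"{chain}: policy ACCEPT with no catch-all DROP; "
                            f"{accepts} ACCEPT rules restrict nothing")
    return findings
```

Running audit(RULESET) reports both findings for INPUT; changing the chain line to `:INPUT DROP [0:0]` leaves only the duplicate-rule finding, because the ACCEPT rules then act as an allowlist.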
