I’ve been very active within the Linux Community for a long time along with working for many hosting providers and have been managing servers for many years now and one thing that I continue to see is more and more children/incompetent adults buying servers and computers not being able to properly secure their servers. There are far too many people with access to computers who should not have any kind of access to the internet as they are simply security risks and are too stupid to be online like the rest of the general public.
I’ve an active reader on a forum called webhostingtalk, which seems to have a wide variety of individuals who seem to have access to computers and servers and are not able to secure them, and risk having their machines taken over by hackers or having their identity stolen. These are the kinds of individuals who place not only their company networks at risk, but anyone who might use the same computer.
Let’s take a look at some of those people now.
|
jalapeno55 wrote:
How can I "harden" my server?
And what exactly does harden mean?
|
Here we have a person who has a server that could be launching attacks any almost any moment, bringing down corporate networks or something that might have pissed any random hacker off. How is it fair to the rest of us who need our websites online but continue to get attacked because people like this cannot even install a firewall and probably have never heard of one? If you do not know what “harden” my server/computer means, you should not be able to ever own or use a computer. The reason is very simple, you are a security risk.
|
jalapeno55 wrote:
Does anyone have snort logging to a mysql database?
I am trying to get that to work so I can view the alerts with BASE.
I followed the instructions but snort is not logging to the DB, what am I doing wrong?
|
Next we have the same exact user asking about Snort and MySQL. For those of you who do not know what these are, Snort is a piece of software that you can use to block bad traffic and MySQL is something you need if you want to run a forum or blog or many other types of applications.
You can see from the quote above he is asking if anyone is using snort along with MySQL, and the answer is yes. It was designed for data to be logged to MySQL. If this person took the 30 seconds to search he would have found this out pretty quickly, which exposes the next problem. This problem is people no longer feel they need to educate themselves. Most quotes are simple if he were to search on a search engine he would find out that yes, a large amount of people have Snort logging to MySQL, and he would also find out what hardening your computer/server means. I can already tell him why Snort is not working for him, he has no grasp of technology and he should complete the 8th grade instead of working on servers or uses computers any further, and I suggest he picks up a lot of books on using computers.
|
smrtalex wrote:
CSF question
Is there anyway within CSF firewall to block a specific IP or IP range from accessing a specific directory? If not, what is the most efficient (least load on the server) to block a large number of IP's from accessing a specific directory?
Thanks!
|
Next we have a firewall question, it might sound like a good question if this is the first day you have ever used a firewall of any kind, a computer, a Linux machine, a cell phone, a toothpick but I am guessing most of you already know the problem if you run Linux. You cannot use a firewall to restrict access to directories. You can block IP’s, allow IP’s or even rate limit them, but you cannot use a firewall to restrict access to certain directories. For you Windows users out there, this question is kind of like “Can I use Norton Internet Security 2007 to act as a fileserver?”, and the answer to that is hell no and you need to start taking some basic computer classes.
I can already tell you this users computer and server is probably insecure, let’s just hope this user does not host any important websites, does not work in a bank, does not fly an airplane, and does not leave their home because if he does we are all at risk. It’s time for this individual to learn about basic security principles and techniques.
|
splatcatballa99 wrote:
named crash's? What logs to check?
Ok so the last two days named has died on my server? What logs should I be checking to investigate this. Also what are some other common logs I can look into.
|
Named is a service that is responsible for DNS for those of you who do not know and for our Linux users most are probably already aware that logs are stored in the /var/log directory the same way Windows stores logs in the Event Viewer (For the most part). Here we have another user who should not have access to a server trying to play house. He cannot even figure out the location of where named stores its logs (/var/log/messages). What else does this user not know? Is his server currently hosting phishing sites? Is his machine attacking random websites? Is his server currently hosting the website that just stole your identity? The answer to these questions is probably yes.
|
tmhosting wrote:
Hi, i am trying to setup a remote sql server , the web server which runs everything but sql is cpanel/WHM and the SQL server is Centos 5. I have installed mysql on the SQL server and it is running.
When i put the information in cpanel for remote sql setup it comes up with an error of :
usr/bin/mysqladmin: connect to server at 'IP Address' failed error: 'Host 'hostname' is not allowed to connect to this MySQL server' mysql has failed, please contact the sysadmin (result was "mysql has failed").
Is there something i have to enter in the remote sql server to allow the IP address of the cpanel server to be able to connect to the SQL server?.
|
Here we have another user called “tmhosting” who is actually a web hosting provider. Do you know what that is? He gets paid to host and keep your website online and look at what he just posted. Here the error message is “'Host 'hostname' is not allowed to connect to this MySQL server” and then he asks “Is there something i have to enter in the remote sql server to allow the IP address of the cpanel server to be able to connect to the SQL server?” What do all of my viewers think? The answer is yes. Is it supposed to read your mind? Is it just supposed to know it should connect? Should it do it all by itself even though it would be a security risk?
Here this user is asking what seems to be a pretty basic question and has the nerve to collect money from people who want to have a website and need it online. What kind of person do you have to be to take money from people to provide a service and not have the technical competency to do the job you were paid for? I’ll answer that for you all right now, you would need to be tmhosting and the answer to his question is yes, there is something you have to enter to be able to connect to the SQL server, it’s not going to do it on its own.
|
howsthat wrote:
I have sql 4..
I had changed my server and taken a backup of sql and restored on the new one..
Previously i had both MyISAM and InnoD type in my DB but after changing all InnoD tables are not recognised and they are giving an error :2
Kindly tell the solution for it..
|
Here we have another child here who is asking for help. What exactly is wrong with this post? He was too stupid to remember to include the error he is having. Does he really expect someone to give him the solution to his problem with no error and yet here he is in control of a server probably on a 100mbps port … who knows what kind of damage could happen due to his negligence. I’ve seen a lot of stupid posts but this is probably one of the better ones, I mean you have to be pretty stupid to post asking for help but give no details of the problem and leaving out the error message you are getting. If you were to ask someone “How do I solve this math problem?” without telling or showing them the math problem, do you really think they are going to help you? Should you have to ask them 100 questions to get the information you need? No! Many children do not think this far ahead though.
|
rllunzmann wrote:
WHM Issues - Please Help
Hello everyone,
Lately, i have seen the strangest issue ever. For the past two days this has been going on and just started happening out of the blue. I have changed my root password on one of my managed servers that is only managed by me.
For two days now, a particular domain has been suspended without my intervention. This has happened twice now. And today the domain is completely gone from my WHM account list...
What would cause this? I know that the root password was recently changed like yesterday but this issue keeps occurring. First the domain would be suspended and no it is being deleted everyday.
Please help
|
Here we have another hosting provider asking for help. His root password’s been changed, and domains keep getting disabled and deleted and yet he is not able to do what he should have done. He should have hired a server management company but my guess he was too cheap to do this or he must not care much about his customers.
I do not understand how people such as this individual can sleep at night knowing the people who host with them are probably depending on them to keep their sites online, machines secure and be there when support is needed, knowing that he does not have the ability to do anything technical in nature and now not only is his machine rooted and is going to need a full restore, but emails, databases, private customer files could be hacked and be on someone’s private hard drive. It’s funny though that this same individual has the message “Ryan L. Systems Administrator. Cheap Web Hosting Solutions” in his signature. What a great Systems Administrator huh? He cannot even keep his machine secure, his machine has been rooted, and it’s time for him to call it quits. If not he needs to hire a professional.
This pretty does it for my rant. The whole point of this blog post is to show that there are far too many people on the internet who cannot properly secure or run a server/PC for that matter. It’s really become necessary for people to be technically competent to have any kind of online access and people really do need security clearance, and access to the internet should be restricted to those who have passed certain government regulated classes.
It’s not fair that the majority of those on the internet have to suffer due to a small group of individuals who are too stupid to search for even the simplest of questions to have our websites taken offline and simply become security risks for the remainder of the internet. How many times have we heard about sites being taken offline by DDOS attacks? How many phishing sites have we all seen and who is hosting them? How many people have Trojans on their computers due to their lack of technical skills? Take a look at some of the quotes and who they are from if you still have questions on who those people might be.
Tags: Hosting Webhosting Security Incompetent Security Risk Linux Computers
