[plug] Fw: I am so sorry!Your hosts was hacked!

[Matt Kemner]

On Mon, 9 Apr 2001, Simon Scott wrote:

> 	Ask yourself 1 question..... do you really care?

Simon, you had better care.
The main reason for someone wanting to crack your box, no matter how
pitiful it is, is to use it as a launchpad to either break into somewhere
else, or flood someone else's network (Denial of Service)

You are responsible for anything that comes from a machine that is
supposed to be under your control, so it is you that will be talking to
the authorities if it happens.

Just a few days ago I got a notice from one of my suppliers saying that
someone on IP address such and such at such and such time attempted to
crack one of NASA's sites, and would I be so kind as to terminate the
customer's account immediately, but to keep their details and await to be
contacted by the appropriate authorities.

As it was, I happen to know said customer really well, and I knew there
was no chance of them being responsible - and I also knew they were using
a very old version of RedHat on their gateway (not installed by me)
and that the chances are very high it was broken into and use by someone
else - and my supplier was happy with my assurance that said machine would
be taken off-line immediately and formatted/installed an up-to-date
version of Linux before being put back online.

If I hadn't known the customer that well, they would have found themselves
without Internet access and with a whole lot of explaining to do.
 
Anyway, sorry for the rant, don't take it too personally, I'm just
concerned that so many people are blasé about the whole security thing
when it should be a top priority for everyone.

 - Matt