say you're a pretty happy client... speak nicely about a provider on the forums generally... and all... ... ... ...

would you do something as stupid as "hack" one of their administrative workstations.. and something as childish as install "trojans" onto their computers?

to better understand my standpoint... take this into consideration: say you are basing a business that makes you a few thousand dollars per month, pays ALL your bills and generally maintains your livelyhood... ... ... on this service provider (well, pretty much because its this provider that gives you the market advantage... and without it, revenues just be mediocre)... would you consider "hacking" them? (putting your entire livelyhood at risk for a few cheap thrills or whatever) say you have never ever "hacked" in your life, and you're mature enough to not do something that childish (and also cuz you don't know how)...?

so... lets look at this... service provider... holds all the cards, cuz its them thats giving you the "market advantage"... ... ... ? so... what to do, what to do... heh...

LETS HACK THEM, right?

LOL...

Hmm. That doesn't make sense at all. Are you sure that:

a) this person was in fact the hacker and a hacker didn't use his or her account or whatever to hack into you

and

b) that if the person did hack into you it wasn't somehow a really dumb but honest mistake?

My guess is A because no one hacks into their own upstream provider's system especially when their livelihood depends on it.

I would give him the benefit of the doubt and look for other possibilities.

Red

well... this "hacker" in question is me... and why can i be sure i didn't hack or anything... well, the time that his hacking was taking place, i was not even near a computer... a very cute chick can confirm that... lol... and the provider refuses to provide any information regarding this "hack"... except "...but IP and traceroute point directly to you.".

and yes, these servers were fully secured (i've been doing this for 7 years... i know what i'm doin'... going to extremes such as only allowing SSH from my IP via ip firewalls in freebsd)... and blocking off all ports 'cept 21 (ftp), 22 (ssh) and 80 (http)... and FTP i make sure there are no accounts with root-level access... and its not possible to run interactive programs via a web-based shell (CGI script that executes shell commands under user nobody)... ... ... ...

all secured... so nobody else did it from my boxes...

Ah. Then it seems as if your upstream provider is a complete idiot. :D

I hope it works out for you.

Red

i know... i must have done it with the wireless minibrowser on my cell phone

LOL... HAHAHAHAHAHAHA... u know, that little 16x82 character browser on the cell phone screen... lol... yeah, that must be it... no wonder my fingers are so sore... typing in all those commands on the little cell phone keypad... lol...

Netdude,

What were you doing with a cell phone at the same time as being with a "Cute Chick"?!?!?

Actually...perhaps i shouldnt ask..

hmph

DM :)

if the upstream provider is not giving out details, then either they're trying to cover up something (who it actually was, their incompetence, whatever), or they can't due to legal reasons. if it's due to legal reasons, i'm sure you can expect a knock on the door from the police or FBI sometime soon. if they're blaming you, then i'm sure someone will be coming to get you.

not saying that this is the case, but it could be. if you're interested in proving that you're innocent, then i suggest that you talk to someone that knows about internet crimes that will be able to help you in this. the fact that you weren't at the computer at the time, doesn't mean it wasn't you. if there was some sort of hole in your setup (it's always possible), then they could get you with neglect to secure your systems. (yes, it's becoming more and more of a crime now a days to "neglect" to secure a computer.)

just something to think about.

if i cracked my upstreams boxen they sure as hell wouldnt know that a compromise has taken place, and surely not who did it. as for 'just' ftp, ssh and http, that really isnt that little ;)

Originally posted by netdude
and blocking off all ports 'cept 21 (ftp), 22 (ssh) and 80 (http

So your FTP service doesn't work then?

sure it does... passive doesn't tho... heh

ftp, ssh and www.... is little enough... hehehehe... and the apps i use to serve ftp and www... i make sure they're patched up good... heh

these boxes don't even serve DNS/etc... i have that outa a totally separate facility... heh

So ftp runs on just port 21, eh? :)

ftp_conntrack prolly

Originally posted by rusko
ftp_conntrack prolly

Well, he stated he only allowed those ports (21, 22, 80). Which would mean FTP would not function properly as it needs port 20 to transmit data. I was just seeing if he knew what he was talking about.