Say a client of yours reported someone telling him/her that he/she was going to hack his/her site. Let's also say you were given some way to get in contact with the possible hacker (IM, email, etc.). What would be the first thing you would do? Would you talk to the possible hacker to see if this is true? Would you believe him/her if he/she said no, your client gave you false information? Just a bit curious... :D

I'd have a nice chat with him. Then I'd email the clients on that server to have them aware of the situation, then I'd lock down the server. Such as putting PHP in Safe Mode, Turning off SSH... and doing all that other stuff.

Well, is this a potential risk to your servers and other clients? If so, I would make sure you are up-to-date on all security issues and you should be fine.

I wouldnt contact them about it though, but thats just me.

Please check your PM.

Originally posted by inogenius
I'd have a nice chat with him. Then I'd email the clients on that server to have them aware of the situation, then I'd lock down the server. Such as putting PHP in Safe Mode, Turning off SSH... and doing all that other stuff.
Isn't this blowing it a little far? I mean, if I were to email you or a client of yours right now and tell them I am going to hack their site/sever, you would do all you stated above?

Oh, and BTW, I hope I didn't imply that such has happened to me. :)

I would hire someone to secure the servers since you dont sound too confident in their security :(

If you offer ssh access by default, don't. If you get a new customer who immediately asks for ssh access - get a copy of a drivers license or something, This may just be the person who made the threat.

:D :D

i think u r overreacting

hackers that warn their victims before they hack are rare species
dont believe 15yo boys threatening the world

just have ur strict firewall rules up n running and stay away from IRC and nothing will happen (i hope) :kaioken: ouchhhhhh

:fairy:

Isn't this blowing it a little far? I mean, if I were to email you or a client of yours right now and tell them I am going to hack their site/sever, you would do all you stated above?

Well, not as a permenant issue, but rather just for a week. I mean, would you rather run a higher risk of getting hacked, or would you just rather have a few less functions for a short period of time?

Originally posted by smidwap
Say a client of yours reported someone telling him/her that he/she was going to hack his/her site. Let's also say you were given some way to get in contact with the possible hacker (IM, email, etc.). What would be the first thing you would do? Would you talk to the possible hacker to see if this is true? Would you believe him/her if he/she said no, your client gave you false information? Just a bit curious... :D

I would laugh :laugh: then get his ip. Then inform his/her isp. :D what luck, it rhymes :)

does informing an ISP of someones IP's whos threatened to hack actually get anything done though ? i doubt it.

Nah, but it's fun :)

Originally posted by smidwap
Say a client of yours reported someone telling him/her that he/she was going to hack his/her site. Let's also say you were given some way to get in contact with the possible hacker (IM, email, etc.). What would be the first thing you would do? Would you talk to the possible hacker to see if this is true? Would you believe him/her if he/she said no, your client gave you false information? Just a bit curious... :D Personally, I would go on "alert" status. Check that security is up to snuff then wait 'n' see. Is that the attitude to have everyday, though?

Since nothing can be done until something has been done, I wouldn't do anything I wouldn't do otherwise. ;)

Originally posted by neil
If you offer ssh access by default, don't. If you get a new customer who immediately asks for ssh access - get a copy of a drivers license or something, This may just be the person who made the threat.

thats a good idea

First off, I do not offer SSH access by default ;) . We have to receieve a faxed or emailed photo copy of the user's drivers license. We also have to receieve other information about the user before granting SSH access. So that is basically taken care of...

I guess the smartest thing to do would be put tightened security on the server if you get a hacker threat.

One last question: If a user of yours is getting a lot of hacking threats, with most of them (can't say all because you never know) just mood issues, would you consider just saying, "Sorry, but you are going to have to find a new home. We can't continue to place tightened security on the server and jeopardize other users for each and every thread you get." It seems logical to me; it is just like a user can't take up to much CPU as they are making it worse for all the rest of the users on the server.

for just threats? absolutely not.

Originally posted by skelley1
for just threats? absolutely not.
What you have to understand is that it seems only logical when you get a hacker threat to activate tight security on your server. Now, if you have a user who is reporting hacker threats every other day, then you can't afford to keep tightening security on your server. This is especially the case if many of your users rely on PHP safe mode being on off as well as being able to access shell.

If you have a specific user who is getting tons of hacking threats, and he is relaying them on to you. Then im guessing this guy is doing something to piss someone off. Maybe you should do a little spying or keep a good eye on his/her account.