Results 1 to 17 of 17
-
05-09-2005, 11:15 PM #1Junior Guru Wannabe
- Join Date
- Sep 2003
- Posts
- 98
Server secure, but last reboot is 280+ days?
My friend's account is hosted over at IPowerWeb. I can't reveal the domain, as everywhere you look is a hole!
Also, he runs Invision Power Board v1.2
Here is some info according to this script: http://codewalkers.com/seecode/498.html
Software: Apache/1.3.31 (Unix) mod_log_bytes/0.3 FrontPage/5.0.2.2635 PHP/4.3.10 mod_ssl/2.8.19 OpenSSL/0.9.7c
Uptime (days): 361 days, 5:51
And this is the load right now: 3.88,3.30,2.89
He thinks his server is secure, and asks people to hack it, but his security is based off of the fact nobody will take the chance to hack it, because it is illegal. He also thinks it is ok for a server to not need a reboot for 200+ days.
Anyone care to explain why it is unsecure if a standard shared server has not been rebooted for a LONG time? I'll link him over here, and hopefully he will learn.
Or can someone please explain to me how a server can be secure without a reboot in almost a year?Last edited by BobbyDouglas; 05-09-2005 at 11:20 PM.
-
05-09-2005, 11:32 PM #2Web Hosting Master
- Join Date
- Sep 2002
- Location
- Oklahoma
- Posts
- 825
Re: Server secure, but last reboot is 280+ days?
Originally posted by BobbyDouglas
Or can someone please explain to me how a server can be secure without a reboot in almost a year?
-
05-09-2005, 11:35 PM #3Junior Guru Wannabe
- Join Date
- Sep 2003
- Posts
- 98
So you have non windows servers that haven't been rebooted for over 200+ days?
-
05-09-2005, 11:47 PM #4Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Re: Re: Server secure, but last reboot is 280+ days?
Originally posted by DD-SNC
A server can be secure without a reboot, by not running Windows. Additionally, many patches do not require a reboot, only a restart for that paticular service/daemon.Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
05-09-2005, 11:54 PM #5Junior Guru Wannabe
- Join Date
- Nov 2003
- Location
- Phoenix
- Posts
- 44
Linux/*Nix servers do not need to rebooted for any reason at all, except for a couple of things such as recompiling a kernel. There have been servers online running for years without a reboot.
The server being up that long without a reboot is actually a good thing.
Reboots are for the unlucky Windows users. Use Linux and you will learn to forget about having to reboot.
-
05-09-2005, 11:54 PM #6Junior Guru Wannabe
- Join Date
- Sep 2003
- Posts
- 98
"negative... there are many linux root exploits and all of the patches require a reboot"
I thought something like this was the case. Netcrafy reports last reboot was 280 days ago, the script I linked to the my first post, says 381 days..
-
05-09-2005, 11:59 PM #7Junior Guru Wannabe
- Join Date
- Nov 2003
- Location
- Phoenix
- Posts
- 44
Re: Re: Re: Server secure, but last reboot is 280+ days?
Originally posted by thelinuxguy
negative... there are many linux root exploits and all of the patches require a rebootLast edited by embsupafly; 05-10-2005 at 12:07 AM.
-
05-10-2005, 12:07 AM #8WHT Addict
- Join Date
- Nov 2003
- Location
- Boston, MA
- Posts
- 141
Re: Re: Re: Re: Server secure, but last reboot is 280+ days?
Originally posted by embsupafly
WRONG! Pretty much only if you are recompiling the kernel. The majority of patches do not require a reboot, and there are not "many" root exploits. Also the majority of security issues regarding issues are due to poorly trained and system admins who are not knowledgeable or responsible enough to take care of a Linux Box.
-
05-10-2005, 12:10 AM #9Web Hosting Master
- Join Date
- Apr 2002
- Location
- USA
- Posts
- 5,783
There has been at least 4 kernel security updates in that time frame.
Apache/1.3.31 has a few holes in it.
The box is not secure.
-
05-10-2005, 12:18 AM #10Junior Guru Wannabe
- Join Date
- Nov 2003
- Location
- Phoenix
- Posts
- 44
Originally posted by Techark
There has been at least 4 kernel security updates in that time frame.
Apache/1.3.31 has a few holes in it.
The box is not secure.
I do agree with the issue with Apache having security problems though.
-
05-10-2005, 12:19 AM #11Web Hosting Master
- Join Date
- Apr 2003
- Location
- NC
- Posts
- 3,093
Originally posted by Techark
There has been at least 4 kernel security updates in that time frame.
Apache/1.3.31 has a few holes in it.
The box is not secure.John W, CISSP, C|EH
MS Information Security and Assurance
ITEagleEye.com - Server Administration and Security
Yawig.com - Managed VPS and Dedicated Servers with VIP Service
-
05-10-2005, 12:20 AM #12Junior Guru Wannabe
- Join Date
- Sep 2003
- Posts
- 98
embsupafly, please don't turn this into a bash. I really want to hear some facts. Attack the issue, not the person.
-
05-10-2005, 12:24 AM #13Junior Guru Wannabe
- Join Date
- Nov 2003
- Location
- Phoenix
- Posts
- 44
Understood, I apologize to all offended.
I will go do some research and present my evidence.
-
05-10-2005, 12:35 AM #14Junior Guru Wannabe
- Join Date
- Sep 2003
- Posts
- 98
Thanks
I really want to know why or why not this is secure/unsecure. Rather learn a bit about this. I figured some people would say that Linux runs strong, and doesn't need to be patched. And others would argue that Linux needs updates that require reboots.
Not sure what is the reason behind either answer, but hopefully I will know after some experts take the time to prove it
I always thought the server needed to be rebooted every couple months for updates, but I could be wrong...
-
05-10-2005, 12:57 AM #15Web Hosting Master
- Join Date
- Apr 2002
- Location
- USA
- Posts
- 5,783
BobbyDouglas
What OS is he running?
-
05-10-2005, 01:22 AM #16Web Hosting Master
- Join Date
- Feb 2002
- Location
- Australia
- Posts
- 24,027
Re: Server secure, but last reboot is 280+ days?
Originally posted by BobbyDouglas
My friend's account is hosted over at IPowerWeb . . . He thinks his server is secure, and asks people to hack it . . .
If IPowerWeb found out that he was asking folks to hack the server he's on, I'm sure they'd kick him off. I know I would, if someone on one of my servers was openly inviting or agitating hackers etc.• WLVPN.com • NetProtect owned White Label VPN provider •
• Increase your hosting profits by adding VPN to your product line up •
-
05-10-2005, 02:24 AM #17He thinks his server is secure, and asks people to hack it, but his security is based off of the fact nobody will take the chance to hack it, because it is illegal. He also thinks it is ok for a server to not need a reboot for 200+ days.
negative... there are many linux root exploits and all of the patches require a reboot
Yes, because anything patched in the kernel will, indeed require a reboot.
No, because there are plenty of "root exploits" that can indeed be made with current kernels.
As far as generalizations:
If the server is up for 280+ days, it most definitely is insecure. What he's doing here is the classic "security through obscurity" technique, and , eventually, someone will hack his server for him, but he won't like how they do it.
Kernel updates are made on the average of once every 1-3 months, and, the kernel is ALWAYS something you want to keep up to date, whether it's a bugfix, security fix, or whatever. Much like php, they generally put all of that into an update.
Based on this server's uptime, I'd guess that he's running either fc1 or redhat (7.x to 9) which are quite old and should be updated to something else as well. Of course, doing that would require rebooting the server for these updates to take affect. NOT updating these is allright, but, you're more succeptible to hacks if you've got older stuff on your box
Long story short:
He's definitely vulnerable, especially with 280+ days uptime.Tom Whiting, WHMCS Guru extraordinaire
Linux problems? WHMCS Problems? Give me a shout
Check out my WHMCS Addons