Results 1 to 13 of 13
  1. #1
    Join Date
    Jul 2002
    Location
    Vancouver, BC
    Posts
    1,017

    logic question ... does this make sense?

    say you're a pretty happy client... speak nicely about a provider on the forums generally... and all... ... ... ...

    would you do something as stupid as "hack" one of their administrative workstations.. and something as childish as install "trojans" onto their computers?

    to better understand my standpoint... take this into consideration: say you are basing a business that makes you a few thousand dollars per month, pays ALL your bills and generally maintains your livelyhood... ... ... on this service provider (well, pretty much because its this provider that gives you the market advantage... and without it, revenues just be mediocre)... would you consider "hacking" them? (putting your entire livelyhood at risk for a few cheap thrills or whatever) say you have never ever "hacked" in your life, and you're mature enough to not do something that childish (and also cuz you don't know how)...?

    so... lets look at this... service provider... holds all the cards, cuz its them thats giving you the "market advantage"... ... ... ? so... what to do, what to do... heh...

    LETS HACK THEM, right?

    LOL...

  2. #2
    Join Date
    Sep 2002
    Posts
    51
    Hmm. That doesn't make sense at all. Are you sure that:

    a) this person was in fact the hacker and a hacker didn't use his or her account or whatever to hack into you

    and

    b) that if the person did hack into you it wasn't somehow a really dumb but honest mistake?

    My guess is A because no one hacks into their own upstream provider's system especially when their livelihood depends on it.

    I would give him the benefit of the doubt and look for other possibilities.

    Red

  3. #3
    Join Date
    Jul 2002
    Location
    Vancouver, BC
    Posts
    1,017
    well... this "hacker" in question is me... and why can i be sure i didn't hack or anything... well, the time that his hacking was taking place, i was not even near a computer... a very cute chick can confirm that... lol... and the provider refuses to provide any information regarding this "hack"... except "...but IP and traceroute point directly to you.".

    and yes, these servers were fully secured (i've been doing this for 7 years... i know what i'm doin'... going to extremes such as only allowing SSH from my IP via ip firewalls in freebsd)... and blocking off all ports 'cept 21 (ftp), 22 (ssh) and 80 (http)... and FTP i make sure there are no accounts with root-level access... and its not possible to run interactive programs via a web-based shell (CGI script that executes shell commands under user nobody)... ... ... ...

    all secured... so nobody else did it from my boxes...

  4. #4
    Join Date
    Sep 2002
    Posts
    51
    Ah. Then it seems as if your upstream provider is a complete idiot.

    I hope it works out for you.

    Red

  5. #5
    Join Date
    Jul 2002
    Location
    Vancouver, BC
    Posts
    1,017
    i know... i must have done it with the wireless minibrowser on my cell phone

    LOL... HAHAHAHAHAHAHA... u know, that little 16x82 character browser on the cell phone screen... lol... yeah, that must be it... no wonder my fingers are so sore... typing in all those commands on the little cell phone keypad... lol...

  6. #6
    Join Date
    Oct 2002
    Location
    UK
    Posts
    563
    Netdude,

    What were you doing with a cell phone at the same time as being with a "Cute Chick"?!?!?

    Actually...perhaps i shouldnt ask..

    hmph

    DM

  7. #7
    Join Date
    Aug 2002
    Location
    Downers Grove, IL
    Posts
    304
    if the upstream provider is not giving out details, then either they're trying to cover up something (who it actually was, their incompetence, whatever), or they can't due to legal reasons. if it's due to legal reasons, i'm sure you can expect a knock on the door from the police or FBI sometime soon. if they're blaming you, then i'm sure someone will be coming to get you.

    not saying that this is the case, but it could be. if you're interested in proving that you're innocent, then i suggest that you talk to someone that knows about internet crimes that will be able to help you in this. the fact that you weren't at the computer at the time, doesn't mean it wasn't you. if there was some sort of hole in your setup (it's always possible), then they could get you with neglect to secure your systems. (yes, it's becoming more and more of a crime now a days to "neglect" to secure a computer.)

    just something to think about.

  8. #8
    if i cracked my upstreams boxen they sure as hell wouldnt know that a compromise has taken place, and surely not who did it. as for 'just' ftp, ssh and http, that really isnt that little
    * Rusko Enterprises LLC - Upgrade to 100% uptime today!
    * Premium NYC collocation and custom dedicated servers
    call 1-877-MY-RUSKO or paul [at] rusko.us

    dedicated servers, collocation, load balanced and high availability clusters

  9. #9
    Join Date
    Jan 2002
    Posts
    574
    Originally posted by netdude
    and blocking off all ports 'cept 21 (ftp), 22 (ssh) and 80 (http
    So your FTP service doesn't work then?

  10. #10
    Join Date
    Jul 2002
    Location
    Vancouver, BC
    Posts
    1,017
    sure it does... passive doesn't tho... heh

    ftp, ssh and www.... is little enough... hehehehe... and the apps i use to serve ftp and www... i make sure they're patched up good... heh

    these boxes don't even serve DNS/etc... i have that outa a totally separate facility... heh

  11. #11
    Join Date
    Jan 2002
    Posts
    574
    So ftp runs on just port 21, eh?

  12. #12
    ftp_conntrack prolly
    * Rusko Enterprises LLC - Upgrade to 100% uptime today!
    * Premium NYC collocation and custom dedicated servers
    call 1-877-MY-RUSKO or paul [at] rusko.us

    dedicated servers, collocation, load balanced and high availability clusters

  13. #13
    Join Date
    Jan 2002
    Posts
    574
    Originally posted by rusko
    ftp_conntrack prolly
    Well, he stated he only allowed those ports (21, 22, 80). Which would mean FTP would not function properly as it needs port 20 to transmit data. I was just seeing if he knew what he was talking about.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •