Re: [Jack-Devel] www.jackaudio.org defacement

PrevNext  Index
DateSat, 31 Dec 2011 09:43:14 -0500
From Paul Davis <[hidden] at linuxaudiosystems dot com>
ToJohn Rigg <[hidden] at jrigg dot co dot uk>
Cc[hidden] at lists dot jackaudio dot org
In-Reply-ToJohn Rigg Re: [Jack-Devel] www.jackaudio.org defacement
On Sat, Dec 31, 2011 at 6:14 AM, John Rigg <[hidden]> wrote:
> On Sat, Dec 31, 2011 at 12:04:52AM -0600, David Nielson wrote:
>> Paul, I would suggest moving to a better-managed hosting service.
>
> For my own web sites I hire a bare-bones unmanaged VPS that only
> came with a Linux base installation plus ssh login.

I plan to move ardour.org to AWS soon with a similar configuration.
Hadn't considered jackaudio.org but maybe its a candidate.

> Paul, have you checked the ssh logs (assuming you have access) for
> anything unusual? My own ssh server is subject to a constant onslaught

I didn't check the ssh logs, but i did check with last(1) and nobody
but me had logged in as the "jack" user (whose name isn't actually
"jack"). when i say "me" i mean my IP address.

DH ran their own "security check" which was fairly lame, picking up
ardour/jack/ffado SVN access as a possible attack :)

> of automated brute force attacks. I wouldn't consider running ssh without
> serious firewall rules to block these attempts.

fairly sure that DH has a fairly serious firewall.
PrevNext  Index

1325342606.502_0.ltw:2,a <CAFa_cK=3e8EEg6+UN0TT5CoEHwkHxXASqDdAMHfVmL4Z5D3rtQ at mail dot gmail dot com>