Quote:
Originally Posted by azwildcats70
Could be that because I have been in Information Security and Risk Management for so long, I am uber paranoid, but then again, that's what I get paid to do.
I used to do pen testing, so I understand the mindset.
At the same time, as many here know, I'm arrogant - so arrogant that I'm incredibly doubtful anyone would attempt intrusion, beyond that even MORE doubtful anyone would be able to come close to personal data, and even MORE doubtful that I wouldn't notice...
Firewall is the obvious first. Access to ports for "neighbor" users is highly limited. Then comes my port monitoring, with notification of any user aside from me using an otherwise blocked port. Then comes LIDS (I use the 2.6 tree, so no openwall for me). Add into that some decent monitoring for rootkit activities, and my compulsive checking of logs, and I'm fairly hardened up.
A few years ago, I had stated in my little user agreement page that they were welcome to attempt hacking one specific server. A chunk of people did try; there were three that got in, 2 of whom couldn't accomplish anything beyond user level access - one impressed the hell out of me and got root! The culprit? A recent patch I had applied. The person left me a note telling me about it; I had missed it despite my checking a variety of places for security issues on the regular.
I fixed it and gave them shell access as a thank you for finding holes.