Date: Sun, 20 Dec 1998 16:36:54 +0000 From: Karl Pielorz <kpielorz@tdx.co.uk> To: Alejandro Galindo Chairez AGALINDO <agalindo@servidor.exsocom.com.mx> Cc: questions@FreeBSD.ORG Subject: Re: udp security Message-ID: <367D27A6.2EB3082A@tdx.co.uk> References: <Pine.BSF.3.96.981220102303.28050A-100000@servidor.exsocom.com.mx>
next in thread | previous in thread | raw e-mail | index | archive | help
Alejandro Galindo Chairez AGALINDO wrote: > i need help, i need to know how to protect my servers, but the most > important in my mind is to know how they are accessing the servers, i > buyed the Firewalls book from Oreally & associates and i was using the > firewall with ipfw, but this dont stop the hackers. > > thanks for your help This isn't really FreeBSD related... Do you know for 100% that you have removed the hackers, and all their equipment from your compromised system? It's not uncommon for hackers once they have a connection to leave numerous back doors in the system - so they can get in again... Even your firewall won't help with that... The only way you can be 100% sure you have got rid of them is probably to either reinstall the machine, or break out the backups form a time you are _certain_ you weren't hacked... Once you have the new machine up, follow all the security guidelines (i.e. use a firewall like your doing, make sure the machine only runs the services you need - e.g. disable everything you don't need from inetd etc.) Only then will you stand a chance of keeping them out... As for attacks via UDP - this is certainly possible, though I've not seen any exploits for FreeBSD and UDP for as long as I can remember... :) -Kp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?367D27A6.2EB3082A>