12-25-2007, 01:40 AM
minusonebit
So Fucking Banned
 
Join Date: Feb 2006
Posts: 7,391
(cont'd below)

8. If Your Box is Compromised.

If your box is compromised, your only immediate concern should be protecting the data and the evidence it may contain as to who is responsible. You should not be on GFY or anywhere else freaking out; you should be taking actions to stop the breach from going further and then looking at what happened, who did it and how. You should notify your customers of your issue because it is the right thing to do and because the laws of almost 40 states require you to do so.

Turn the box OFF by issuing shutdown commands and contact your host immediately to make arrangements to get the server shipped, the hard drive shipped or whatever else needs to happen. Do not leave a compromised box online or reachable for any reason - ever. Do your investigation locally without the server online. Leaving a hacked box online may subject the data to further or additional compromise and your box could be used as a launching pad for attacks on other boxes in your data center or outside of it.