DDOS: When Scriptkiddies play god on your turf (mess with the best, die like the rest! Enough is enough!)
A friend of mine, Phil, runs a fairly successful blog (www.finlandforthought.net). A few days ago he had an article running about several political issues (immigrants, gay, social welfare, etc.). Quite a discussion arose out of this, and someone with a Tele2 IP address posted quite racist messages and threatened to DDOS the site. Needless to say, everyone made fun of him.
That was until this morning, when the server, which hosted several other sites, disappeared into thin air. That was it: no ssh access, no web access, no response to ping. The server is co-located in California, which is a “little” bit far away from Finland, where Phil lives. So he called the provider and asked them to block all access to that server at the router level. They said “ok” and that they would check the machine out. A little later a mail arrived saying: Sorry, your server has been trashed and needs a re-install.
Now, the server wasn’t secured by me, but iptables was running and configured properly: only ssh and http allowed in. It was a Linux (RedHat) machine which had nothing extra installed. I have had some experience in being DOS’d etc. in the past, but nothing ever resulted in a complete trashing of the OS. So, “yay!” for the level 1 help desk engineer.
Anyway, back to the main point. The threat was apparently pretty real, as the site is still not up, and we haven’t heard anything new from the hosting service. What I want to do is basically nail the guy to a wall, but I think I will first collect the evidence from that machine.
The basic point I am trying to make is this: Script kiddies are successful nowadays because of 2 reasons:
1) The owner of the machine is completely clueless, even when running Linux, about configuring even the BASIC host firewall or spending time securing the machine.
2) The owner of the machine doesn’t WANT to spend time securing the machine. Just wants to set up his service and presto.
These 2 also apply to hosting providers with shared hosting. As a security professional, I spend time training people on investing time in security policies and training. The problem is laziness. It always has been; it’s human nature. Why do something you don’t WANT to do?
Here is my challenge: I will, for FREE, secure any server, Windows, Mac or Linux based, over the next 2 months (offer expires April 9th 2007). Each one will be documented (obviously with sensitive information obfuscated) here. All you need to do is mail me with information about the machine you want secured and what you want secured. I know, many of you say: Bullshit, anyone can say that to get access to the machines. True, but then again, some risks you will have to take. Like I said, I will secure your machine so that it does what you want it to do, verify it by trying to crack it, AND send you a document describing exactly what has been done so you can verify that on your own.
Go ahead, mail me at flosse@2blocksaway.com. I just reserve the right to write about each machine here on this blog.
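For readers wondering what the “BASIC host firewall” from point 1 actually looks like, here is an added example (not Phil’s server’s ruleset, and not code from the post itself): a default-deny iptables ruleset that lets in only ssh and http, the same two services the trashed machine exposed. The ports (22 and 80), the use of the older `-m state` match that a RedHat box of that era ships with, and the iptables-restore invocation are assumptions for illustration.

```shell
#!/bin/sh
# Added example: a minimal default-deny host firewall for a Linux box that
# only needs ssh and http reachable from the outside. Port numbers and the
# iptables-restore loader are assumptions, not taken from the post.

SSH_PORT=22
HTTP_PORT=80

# Emit the ruleset in iptables-restore format so it can be reviewed
# (or diffed against the running config) before it is loaded.
gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback traffic is always local
-A INPUT -i lo -j ACCEPT
# replies to connections the host itself opened
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# packets that claim to be new but do not start with SYN are bogus
-A INPUT -p tcp ! --syn -m state --state NEW -j DROP
# the only two services exposed: ssh and http
-A INPUT -p tcp --dport ${SSH_PORT} -m state --state NEW -j ACCEPT
-A INPUT -p tcp --dport ${HTTP_PORT} -m state --state NEW -j ACCEPT
# rate-limited ping so the box stays diagnosable from afar
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
# log what is about to be dropped, throttled so the log cannot be flooded
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables drop: "
COMMIT
EOF
}

# Load the ruleset atomically (all rules or none); needs root.
apply_rules() {
    gen_rules | iptables-restore
}

# Sanity check: how many rules open a port to NEW inbound TCP connections?
# Anything other than 2 means a service beyond ssh and http crept in.
count_open_ports() {
    gen_rules | grep -c -- '--dport .* --state NEW -j ACCEPT'
}

if [ "$1" = "apply" ]; then
    apply_rules
else
    gen_rules
fi
```

Run it without arguments to print the ruleset for review, and with `apply` as root to load it. The default policy on INPUT is DROP, so anything not explicitly listed is refused; the LOG rule gives the owner a record of what was knocking, which is exactly the evidence that is hard to collect after the fact.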
Waiting…
PS: This is a public service to throw a stick between the legs of wannabe hackers and script kiddies that have nothing better to do than sit around, use everyone else’s software (probably stolen) and damage other people purely because they want to.
I hope other security professionals will eventually join me and throw a little bit of water on the hot plate to make a difference.
Where *nix and security meet the general public