| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 78409 | 2007-04-14 07:08:00 | Why ChatF1 Is Offline | Erayd (23) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 540989 | 2007-04-15 08:53:00 | ChatF1 is now back online, and the server has some snazzy new security features (and is getting more). | Erayd (23) | ||
| 540990 | 2007-04-16 10:17:00 | Ouch :( Sorry to her about that personthingy (I have been away for the last 5 days & I have just come back tonight) | stu161204 (123) | ||
| 540991 | 2007-04-16 11:14:00 | It's not that big a problem... really The server is back up, and that's all i give a toss about. |
personthingy (1670) | ||
| 540992 | 2007-04-16 22:19:00 | In response to CF1 getting hacked i had all sorts of kind offers from various people (you know who you are) who wished to help me pay for the cost of the wasted bandwidth. This is highly appreciated, but as you all know, i declined to accept any help of this nature. It did however get me thinking. (this happens, honest :p) CF1, as well as so much of the nets servers, and many PF1 users home machines run on FREE Linux software, we think little of the GBs we pull from servers all over the world when we update, or when we network install from a business card size disk, letting Debians servers feed our machines with the rest. Cf1 went down because i was sloppy in my choose of root password, and was put back up by the work of Bletch, Dannz and myself, but that is nothing compared to the work that has gone into writing the OS it runs on. If people want to support CF1, donate via paypal next time you try some amazing free software, and install it in the 6th machine that could use it, or buy an official Debian Tshirt. Linux is an amazing system, it's Free, and Debian especially is funded largely by donation. Effectively half the web is run by software paid for by cake stalls... :) Food for thought. |
personthingy (1670) | ||
| 540993 | 2007-04-18 06:09:00 | Just an odd thought. How did a brute force password attack get in? On any of my Linux servers, the default security has been that three password errors lock out the account. That's one of the very oldest cracks. |
Graham L (2) | ||
| 540994 | 2007-04-18 06:47:00 | SSH was set up with the debian defaults - which were naively assumed to include the three-attempt lockout. | Erayd (23) | ||
| 540995 | 2007-04-18 06:53:00 | So maybe someone thought "that will never happen, so we can speed the login up". :groan: In fact, thinking about it, the Unix/Linux login routine has a very subtle trick: each attempt to login takes longer than the previous failed one. There's a deliberate delay inserted to do that. What an obvious option to turn off to speed things up.:thumbs: |
Graham L (2) | ||
| 1 2 3 | |||||