Quote:
I think recovery is probably the easiest to deal with. You need decent backups that work. My personal take is that virtual machines are a nice way to deal with this as well. Of course before you can recover you need to have an investigation plan so you're not just restoring a crackable machine. You should have the CERT checklist bookmarked as well as the Security forum here. If you're willing to follow some procedures, there are some experienced investigators who like to tackle those problems. Detection is kind of a pain, but you need to worry about it. I like tools like Aide or Samhain, but I've also seen some experienced people voice concerns that those sorts of tools are among the first things good crackers would look for. Monitoring log files will also help. I don't take any issue with the list you've created although there is probably some redundancy. Just out of curiosity, you don't have SELinux as option, did you exclude that? I don't know if any of the distros your considering have SELinux enabled (I know RHEL does, so maybe Fedora does as well). I know SELinux can be a bear to get configured, but it might be worth considering if you haven't. Quote:
Basically, it looks like you're taking a decent approach. Redundancy is the key. |
Quote:
I've got a lot ahead of me. I'm kind of amazed that in the beginning, I thought it was as simple as many suggest to setup a LAMP server, but I'm finding that that's not really the case since security seems to be the biggest hurtle. Sure one could setup a LAMP easily (as long as you don't mind getting hacked), but securely is another ballgame all together and requires that person almost to be a security expert. ARGH! You know... beings that I'm a gun owner, think we could declare open season on all hackers? I'd love that *evil grin* |
Quote:
If you've tried it on your staging host (don't want to mess up production, right?) and no solutions or workarounds we can provide you with help then you have earned the right to call it whatever you want. |
Check point H/W is awesome!
|
Quote:
|
might just be too late
Well... at this point, the only help I need is not the kind this forum can give.
Yesterday I was finally able to get through to the unemployment office (lines have been jammed), and the word was "there's no money". Everyone across the board who is on the federal extension just ran out. On paper, the extensions are available, but there's no funding to back it up. Currently, it's being held up in the senate. I work part time for the place that laid me off. We're in the housing/construction sector - civil engineering firm to be exact. The workload is so light, the boss has no idea if it'll be enough to stay in business. Meanwhile, they're letting me get enough hours in to pay the bills... at least for now, but... I mean, last month posted the worst housing figures ever. Commercial construction is almost non-existent. I was hoping to get something going in hopes that it would lead to something better, but right now, that just doesn't look possible, I can't even think straight, can't afford anything, and I may just lose my home soon. Things are bad... REALLY bad right now. I don't know when it's going to turn around, but I'm praying real hard for it. Whether or not you believe in a higher power or not, please muster up a prayer of some kind if you can. Do it for yourself and also for everyone else because we are ALL in very VERY SERIOUS trouble. |
That sounds like really tough times for you. I hope something goes your way soon.
|
All times are GMT -5. The time now is 06:17 AM. |