Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 03-28-2011, 06:52 PM   #1
Senior Member
Registered: Feb 2007
Location: The Tropics
Distribution: Slackware & Derivatives
Posts: 2,471
Blog Entries: 1

Rep: Reputation: 128Reputation: 128
Security in a Bar...

I'm working with a guy thats got a lot of hookups with bands and such, and we're now working with a bar that just opened up to help them get in bigger bands, better equipment, etc.

I was sitting in there the other day with my Asus netbook and noticed that by going to the network "place", I could mount their servers and read log files and other system configs. Their databases were secured from mounting, but it didnt seem safe at all to me that you could simply read log files.

I called one of the managers over and showed him, suggested their IT guy get on it because you don't really want that out in the open.

I'm not sure if setting the 5 servers to a specific group, then assigning read permissions to that group only would solve the problem so that other computers using the wifi would not be able to just browse their servers.

Any suggestions as to how they might be able to keep the files away from the network? It was just something i stumbled across, just trying to give them ideas as to fixing it.
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 03-28-2011, 07:18 PM   #2
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
This happened on their public wireless network? If those servers aren't supposed to be publicly accessible, then a firewall and a dedicated access point seems to me like a good starting point. The idea being, of course, to completely isolate the public and private networks from each other. Once that's done, the IT guy can proceed to lock down the servers in a less hostile environment.

Last edited by win32sux; 03-28-2011 at 07:19 PM.
Old 04-03-2011, 04:39 PM   #3
Senior Member
Registered: Feb 2007
Location: The Tropics
Distribution: Slackware & Derivatives
Posts: 2,471

Original Poster
Blog Entries: 1

Rep: Reputation: 128Reputation: 128
Well theres good news and bad news unfortunately. Good news is, looks like I might be asked to fix it. Problem is, I have one server at home, sure I'm a linux user, read a lot on firewalls and security, but being well read and having experience are two very different resumes.

The manager showed me around, they've got a case with all the direct tv boxes and audio equipment in a server-like rack, with the modem sitting on top, but no servers. Took me in the back room, no servers. When trying to login to the router via the traditional 192.168..., it gave me like 7 different logins. I really hope they aren't using 7 different routers...

They're netgear, but the manager didn't know where to find the password. Their computers are windows so I don't even know how they access the servers for maintenance. The corporate office pretty much sets them up with the needed software and equipment, but when called about security, they said "not our job, find someone to help you".

So I've got the manager looking for passwords and stuff. I wasn't sure if there was any way inside the router to just put the servers on one "group" and everything else just leave default, but obviously I couldn't see.

I'm not even sure they have the servers in house, what would be the best way to do this now? (assuming i get all the information from him)
Old 04-04-2011, 08:50 AM   #4
Registered: May 2002
Location: new hampshire
Distribution: Fedora, RHEL
Posts: 600

Rep: Reputation: 110Reputation: 110
Originally Posted by phantom_cyph View Post
... what would be the best way to do this now?
Find an out of work IT person who knows their way around that kind of infrastructure, and charge the bar a signing fee. If you can't map out the basic network infrastructure after multiple visits and being given access, you're not in a good enough position to be able to administer it. Think from the business side of things, and you'll see I'm not ribbing you at all - just letting you know that if you say "Hey you have a problem" and the bar says "Cool, fix it" and after 3 weeks of frustration you still don't have it fixed... well... yeah, your career reputation will be not so great.

By finding someone who has the experience to do this, you give the bar the resource it needs, create a good business contact (guess who they'll recommend to surrounding businesses who have similar problems - YOU), and get some strong career networking. Plus, you can get lots of experience by just "apprenticing" to the guy who is hired. Even if you don't go that road, you can always use your simple case with this bar as a jumping off point to start an IT outsourcing firm.

Just a suggestion, anyway.
1 members found this post helpful.
Old 04-05-2011, 08:18 AM   #5
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158Reputation: 158
OP, I'd leave this alone. IMO, you've done your part.

Is this something you want to do out of kindness or is this something of a professional career first step? Either way, be careful.

Sure, it would be cool to be able to solve this, but it will NOT be easy because you aren't familiar with the setup and it seems that only certain people have knowledge of the network (and no one knows the security aspects??). After you've fixed (or made an attempt to) the issue, the manager or network admins could point fingers at you for some mishap/outage or 'hack' attempt. "He fixed this but broke that!" Knowledge-wise, you're an outsider. I know of consultants who do this type of work (they find vulnerabilities to given networks, then fix the vulnerabilities if the customer requests a fix)...they get paid LARGE amounts of money and have substantial resources to fix/remedy the issues. These types of guys usually are VERY familiar with networking. This is not something someone should be doing by learning as they go.

Finding someone to assist the bar manager would be great, but then again, the manager could do the same thing.

It's one thing to find an issue and responsibly report it. It's quite another to take ownership of remediation. Be careful.
2 members found this post helpful.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] lost task bar and status bar how to get them back devmohan786 Linux - Software 2 07-13-2008 04:00 AM
Icon Bar/Task Bar: Who Was First? Mark7 General 0 02-23-2008 09:30 AM
foo@bar:~$ <- how to change bar? JussiKp Linux - Newbie 4 08-03-2006 05:46 AM
KDE task bar / menu bar has dissaspeared! KingofBLASH SUSE / openSUSE 1 03-05-2006 09:24 PM
LXer: New Encryption Solution From Sun Microsystems Sets Bar for Online Application and Transaction Security LXer Syndicated Linux News 0 02-15-2006 10:46 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:12 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration