“Anonymous”, Westboro Baptist Church, and Surrogafier

Steve Bonilla Staff asked 2 years ago

I thought you guys might be interested in this little write up I did about the recent incident with Anon and WBC:

http://supersubnet.com/?p=86

Just learned about surrogafier myself, what a powerful script...

1 Answers
Shnerdly Staff answered 2 years ago

I like the article, I run three webservers right now and am building a fourth. All of them are on client networks.

Would setting them up on an isolated DMZ be the solution or would an isolated external IP be better?

Was the church running a Windows or Linux based server?

I guess I have never aggravated the wrong people so I have never had to deal with this kind of attack though I do promote Christian conservative concepts and ideals on most of the sites I maintain.

The most important thing I can think to ask is, How they initially gained access?

I have all of my webservers setup for external SSH access only. I also have them setup to allow access only from specific external IP's. If your IP is not on the list, you don't get in.

I only run Linux based servers with the latest Apache/PHP/MySQL/perl/cgi etc. I also do not have any GUI installed on any of them. I have always felt that would be the hole that would allow someone to get in.

I also have never allowed any kind of automount, autorun or autoscan of any read/write devices at all. In fact, after finishing the setup, I rem out USB, CDROM and Floppy devices in fstab so they are inaccessible. The servers are available on the LAN though. This seems to also be a risk I will have to address.

Know the answer? Login or sign up for an account to answer this question.
Sign Up