Re: Mud Machine hacked -- AntaresMUD

From: R. E. Paret (
Date: 02/25/97

> My questions:
> 1) What do you do about Gods that get themselves kicked off your mud and
> decide revenge upon the server is the way to go? I am 90% sure that this
> attack was by a former God on the mud (at least the log that I recovered
> by using a sector editor seems to support the theory -- the site being
> the same.) The reason this God was asked to leave is another story.. one
> that I would be happy to relate.. but isn't germane to this post.

Well, if they had any time of system level (read: account) access, you 
should remove thier account and thier directories immediately.  A routine 
port scan also helps sometimes, they may have been setting up back doors 
in thier spare time.

> 2) What OS do you use? Do you consider it to be secure? I am currently
> considering BSDi and Solaris.. It seems fairly obvious to me that
> I'm not willing to spend the time it takes to keep a Linux system secure.
> At least the emperical evidence shows that to be true. :-)

Linux is a relatively secure operating system, because so many people use 
it. When a bug is discovered a patch is usually available within a day or 
two.  Keep a tight hold on your linux machine, turn off finger, and only 
accept telnet connections on port 23, 25 (if you need ftp) and your mud 
port. Get tripwire, its a freeware security program that monitors 
critical files.  To tell you the truth, you're not any better off with 
another unix operating system than you are with linux. Some would beg to 
differ, but a well-mantained linux system is more secure than any unix 
out of the box. Plus, you're going to need to recode parts of your mud if 
you switch to another operating system. Don't give yourself the hassle, 
just get smart about it. Read some documentation on securing your linux 
system, they have HOW-TO's for nearly everything in linux, do a web 
search for one.

> 3) Of the people on the list who have had security breakins.. what have
> you done to stop the attacks? (what do you do to stop the people from
> knocking on the door all the time? or.. what do you drink to stop you
> from caring that the barbarians are at the gate?)

Well, in my real (read: not mud) life, I'm a security agent for a 
corporate computer network. I experience breakins or attempted breakins 
all the time (no, that doesn't mean i'm not good at the job, just that 
the hackers are 1 step ahead ususally :P ) Which brings up a good point: 
The only real way you'll get reliable security is to obscure your 
system.  Try only excepting connections on your telnet ports by "trusted" 
hosts. Obviously, this won't work on the mud port, but its a good start.  
If you use a pop like program to get your email, turn off unix sendmail, 
for christ's sake - that thing has more holes than swiss cheese. :P

Anyhow, hope I helped.



| Ensure that you have read the CircleMUD Mailing List FAQ: |
|   |
|    Or send 'info circle' to     |

This archive was generated by hypermail 2b30 : 12/18/00 PST