> My questions: > > 1) What do you do about Gods that get themselves kicked off your mud and > decide revenge upon the server is the way to go? I am 90% sure that this I've kicked a few people off, hmm I think every situation is unique though. I had one player really get steamed because I blacklisted him from a couple of his favorite muds (good to have friends :). He stole code, actually a complete mud, and only changed the title screen and put it up on some other site.... in my mind, very worthy of blacklisting. He then plotted revenge on my machine, though he slipped when he mentioned the ip address of my machine on IRC. Again, good to have friends, as I happened to have a buddy monitoring that IRC channel (which he does for a living, imagine that, what a job :) who then alerted me that a possible attack was under way on my machine. A few minutes of backups and password changes along with warning his friends on my mud that I knew seemed to stop that fairly fast. > 2) What OS do you use? Do you consider it to be secure? I am currently > considering BSDi and Solaris.. It seems fairly obvious to me that > I'm not willing to spend the time it takes to keep a Linux system secure. > At least the emperical evidence shows that to be true. :-) I think that the OS doesn't matter if they get root access. I work with all sorts of OS, and no matter if its Solaris or OSF/1 or BSDi, if they have root access, things can get ugly. > 3) Of the people on the list who have had security breakins.. what have > you done to stop the attacks? (what do you do to stop the people from > knocking on the door all the time? or.. what do you drink to stop you > from caring that the barbarians are at the gate?) Usually we can run a traceroute or we have ample logs available to determine the remote IP which fails a login... this is assuming they fail at least once. A little threatening email to them or their sysadmin sometimes steers them off. Though if they ARE the owner of the machine they logged in from, it doesn't matter much. One protective measure I take, is to have a backup in some obsucre directory like 7 or 8 levels deep. A find command will screw this up though...hopefully they will be discovered before they discover the find command. jtrhone aka vall +-----------------------------------------------------------+ | Ensure that you have read the CircleMUD Mailing List FAQ: | | http://cspo.queensu.ca/~fletcher/Circle/list_faq.html | | Or send 'info circle' to majordomo@cspo.queensu.ca | +-----------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/18/00 PST