> My questions: > > 1) What do you do about Gods that get themselves kicked off your mud and > decide revenge upon the server is the way to go? I am 90% sure that this > attack was by a former God on the mud (at least the log that I recovered > by using a sector editor seems to support the theory -- the site being > the same.) The reason this God was asked to leave is another story.. one > that I would be happy to relate.. but isn't germane to this post. Well, if they had any time of system level (read: account) access, you should remove thier account and thier directories immediately. A routine port scan also helps sometimes, they may have been setting up back doors in thier spare time. > > 2) What OS do you use? Do you consider it to be secure? I am currently > considering BSDi and Solaris.. It seems fairly obvious to me that > I'm not willing to spend the time it takes to keep a Linux system secure. > At least the emperical evidence shows that to be true. :-) Linux is a relatively secure operating system, because so many people use it. When a bug is discovered a patch is usually available within a day or two. Keep a tight hold on your linux machine, turn off finger, and only accept telnet connections on port 23, 25 (if you need ftp) and your mud port. Get tripwire, its a freeware security program that monitors critical files. To tell you the truth, you're not any better off with another unix operating system than you are with linux. Some would beg to differ, but a well-mantained linux system is more secure than any unix out of the box. Plus, you're going to need to recode parts of your mud if you switch to another operating system. Don't give yourself the hassle, just get smart about it. Read some documentation on securing your linux system, they have HOW-TO's for nearly everything in linux, do a web search for one. > > 3) Of the people on the list who have had security breakins.. what have > you done to stop the attacks? (what do you do to stop the people from > knocking on the door all the time? or.. what do you drink to stop you > from caring that the barbarians are at the gate?) Well, in my real (read: not mud) life, I'm a security agent for a corporate computer network. I experience breakins or attempted breakins all the time (no, that doesn't mean i'm not good at the job, just that the hackers are 1 step ahead ususally :P ) Which brings up a good point: The only real way you'll get reliable security is to obscure your system. Try only excepting connections on your telnet ports by "trusted" hosts. Obviously, this won't work on the mud port, but its a good start. If you use a pop like program to get your email, turn off unix sendmail, for christ's sake - that thing has more holes than swiss cheese. :P Anyhow, hope I helped. Cheers, Rich +-----------------------------------------------------------+ | Ensure that you have read the CircleMUD Mailing List FAQ: | | http://cspo.queensu.ca/~fletcher/Circle/list_faq.html | | Or send 'info circle' to majordomo@cspo.queensu.ca | +-----------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/18/00 PST