#@$%!!

One of my boxes got hacked.  Ugh.  Fortunately it was a jump server that had no data.

I have 2 servers exposed to the Internet, a jump server and a reverse proxy.  The reverse proxy provides access to the web applications that I run.  The jump server I use for SSH access into my network from remote locations.

They never got full root access to the box, they didn’t modify the firewall configs and no additional processes were spawned.  What they did do was mess up the logging facility.

After rebuilding the box from scratch I’ve made authentication to be public key only.  I’m thinking of implementing a port knocking feature so that the pot does show up on a port scan.

Virtual Box

I’ve had hit-or-miss experiences with virtual OS’s on my home machine.  When I had an Apple powerbook, Parallels was awesome.  It just simply worked with no hassles.

On the Linux platform I have not been impressed with any of the virtualization packages until just a few days ago.  A colleague showed my Oracle’s Virtual Box software.   Just like Parallels, it just works on Linux.  No hassle, no fuss, no issues.

So far on my Fedora 17 desktop I have Windows 7 and CentOS 6.5 running.  By this evening Fedora 20 will be running as well.