Violation

So since my last entry some time has passed. I was on vacation and despite having a lot of time I did not write a lot and I did not do a lot of the other things I wanted to – it’s just simply to damn hot this summer. Since Rolland was studying for yet another exam we stayed home. I spent my time mostly playing Warcraft III and designing a character for a new DSA4 campaign. I even started writing a short story about her.

Tonight I dreamt about writing short stories btw and how it is the perfect format for an author to experiment with. I remember some things about it very clearly but I have never before thought such things about short stories. Funny thing that.

Anyhow another thing happened as well, and now I am referring to the title of this entry. For whatever reason our server crashed. The ‘named’ would not start up anymore after Rolland rebooted the server. So I asked my local guru for help, I changed the password so he could log in. Never do that! Have him send you his ssh-key or so. He loaded the iptables configuration and we thought everything was working. But it did not. So I decided to call him again after work. In the meantime I changed the password back to the original one. Then at about 6p.m. I decided to call him and put the password back to ‘fnord’ … but then the roleplayers came early that day and I never called him, instead to of them started ‘fixing’ the server unsuccessfully I might add because the named was simply broken probably after some update. I forgot about the password. Around 9p.m. I went to get something from my computer and voilà there was a message in that xterm for me: “Your server is insecure NOOB!” I only realized what happened minutes later. Well so someone had made a script iterating of the address-space of our provider attempting root logins on any computers found probably with the top20 of favorite passwords he then copied a script on to the root account that deleted all data: all logfiles and all user home directories as well as the root directory. What else it did was indeterminable since the logfiles were gone. I could write that perl script. But of course the person who hacked the server did not know just another ‘script-kiddy’. At first I was mad, then I was raging and later I wanted to hurt whoever did it – a lot.

Well currently we are back on the net with a fresh installation and secure passwords and of course a ‘hardening’ session for the server is planned. In the future logging in onto the root account from outside will be simply impossible.

Note to self: if you have several network cards in your server make sure all configurations point to the one you are using!!! Fix the dsl-startup script for example! And forwarding is set in the /etc/network/options. Plus all the rest I forgot already.

What else happened? It’s hot, it’s hot and it’s hot. Did I mention …. we went to M’ERA LUNA 2003 festival near Hannover. I only went to see Within Temptation again … and the concert was great. Only I missed the first half of my favorite song ‘Deceiver of Fools’ 🙁 The Nightwish concert was ok, though the others thought it was far below their standard (actually they said it was bad). Project Pitchfork is not quite my style but the songs aren’t easy listening, I might like them after hearing them several times. I liked ‘Deine Lakaien’ and again the others said the performance was lacking …. whatever. We all like Apocalyptica, this time I even saw the stage.

So and now back to work … I have some bugs to fix.