<div dir="ltr"><div><div>Pretty sure most everyone is aware that security is easier said than done. When someone with the resources of Google can be hacked, it's not lack of knowledge that's the problem. It's that the industry is generally in denial as to how bad the situation is, and business process steamrollers over the cracks. Business development sells the customer a service, project managers push timeframes for a solution on time and under budget, and everyone knows any hack will be down the track, and be someone else's problem. The problem is failure to build security integral to IT systems, and that's not really possible with an internet that's been built on an open architecture. Every month I'm wondering who will be the high profile hack this month and this will probably continue without a fundamental rethink of how security is integrated and end to end delivered.<br><br></div>Kind regards<br><br></div>Paul Wilkins <br></div><div class="gmail_extra"><br><div class="gmail_quote">On 30 January 2017 at 23:04, Nathan Brookfield <span dir="ltr"><<a href="mailto:Nathan.Brookfield@simtronic.com.au" target="_blank">Nathan.Brookfield@simtronic.com.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div id="m_-2724271659312263812divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif" dir="ltr">
<p>After <span>Macquarie Media apparently had 2GB.com and 4BC.com hacked this morning, also on WordPress it seems there is a big lack of knowledge on this stuff out there.</span></p>
<p><br>
</p>
<div id="m_-2724271659312263812Signature">
<div id="m_-2724271659312263812divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#ffffff;font-family:Calibri,Arial,Helvetica,sans-serif">
<p></p>
<p class="m_-2724271659312263812x_MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:'Times New Roman',serif;color:rgb(33,33,33)">
<span style="font-size:10pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Kindest Regards,</span></p>
<p class="m_-2724271659312263812x_MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:'Times New Roman',serif;color:rgb(33,33,33)">
<span style="font-size:10pt;font-family:Calibri,sans-serif;color:rgb(54,95,145)">Nathan Brookfield (VK2NAB)</span></p>
<p class="m_-2724271659312263812x_MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:'Times New Roman',serif;color:rgb(33,33,33)">
<span style="font-size:10pt;font-family:Calibri,sans-serif;color:rgb(54,95,145)"> </span></p>
</div>
</div>
<div style="color:rgb(0,0,0)">
<div>
<hr style="display:inline-block;width:98%">
<div id="m_-2724271659312263812x_divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> Chad Kelly <<a href="mailto:chad@cpkws.com.au" target="_blank">chad@cpkws.com.au</a>><br>
<b>Sent:</b> Monday, 30 January 2017 10:44 PM<br>
<b>To:</b> Nathan Brookfield<br>
<b>Cc:</b> <a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a><br>
<b>Subject:</b> Re: [AusNOG] Borrowed addresses, data retention, court orders</font>
<div> </div>
</div>
</div><div><div class="h5">
<font size="2"><span style="font-size:10pt">
<div class="m_-2724271659312263812PlainText"><br>
I should of provided the following link with my previous post but <br>
Sucuri.net offer a paid service for cleaning Malware and they offer a <br>
free scan for websites as well.<br>
<a href="https://sitecheck.sucuri.net/results/theispguy.com" id="m_-2724271659312263812LPlnk770587" target="_blank">https://sitecheck.sucuri.net/<wbr>results/theispguy.com</a><br>
It looks like a bit of a mess.<br>
<br>
Regards Chad.<br>
<br>
On 1/30/2017 6:48 PM, Nathan Brookfield wrote:<br>
> Schooled!<br>
><br>
> Nathan Brookfield<br>
> Chief Executive Officer<br>
><br>
> Simtronic Technologies Pty Ltd<br>
> <a href="http://www.simtronic.com.au" id="m_-2724271659312263812LPlnk319819" target="_blank">http://www.simtronic.com.au</a><br>
><br>
> On 30 Jan 2017, at 18:45, Chad Kelly <<a href="mailto:chad@cpkws.com.au" target="_blank">chad@cpkws.com.au</a>> wrote:<br>
><br>
>> On 1/30/2017 10:34 AM, <a href="mailto:ausnog-request@lists.ausnog.net" target="_blank">ausnog-request@lists.ausnog.<wbr>net</a> wrote:<br>
>> Apparently so... screw Wordpress... bloody nightmare to manage.<br>
> Not if you have the right tools in place.<br>
><br>
> Generally now a days you can automate the security updates for Wordpress so you don't even need to think about it.<br>
><br>
> Plus you should be using other security measures such as Mod_security and things like Fail 2 Ban.<br>
><br>
> <a href="https://modsecurity.org/about.html" id="m_-2724271659312263812LPlnk11242" target="_blank">https://modsecurity.org/about.<wbr>html</a><br>
><br>
> and <a href="http://fail2ban.org" target="_blank">fail2ban.org</a><br>
><br>
> Those two tools alone with decent configs will nuke anything that tries to hack in.<br>
><br>
> For extra security on top of that you can use CXS, which will scan for things like scripts containing malware and quarantine them so that if something does manage to get in it doesn't affect your online presence.<br>
><br>
> <a href="https://configserver.com/cp/cxs.html" target="_blank">https://configserver.com/cp/<wbr>cxs.html</a> i've been using the Config Server tools for years now.<br>
><br>
> With those tools and Mod_security configured properly you don't need the extra security plugins for Wordpress specifically.<br>
><br>
><br>
> When I checked a few hours ago the ISP Guy site was still infected and was redirecting to another site.<br>
><br>
> Regards Chad.<br>
><br>
><br>
><br>
<br>
<br>
-- <br>
Chad Kelly<br>
Manager<br>
CPK Web Services<br>
web <a href="http://www.cpkws.com.au" target="_blank">www.cpkws.com.au</a><br>
phone 03 9013 4853<br>
<br>
</div>
</span></font></div></div></div>
</div>
</div>
<br>______________________________<wbr>_________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/<wbr>mailman/listinfo/ausnog</a><br>
<br></blockquote></div><br></div>