[AusNOG] Borrowed addresses, data retention, court orders

Nathan Brookfield Nathan.Brookfield at simtronic.com.au
Mon Jan 30 23:04:36 EST 2017


After Macquarie Media apparently had 2GB.com and 4BC.com hacked this morning, also on WordPress it seems there is a big lack of knowledge on this stuff out there.


Kindest Regards,

Nathan Brookfield (VK2NAB)



________________________________
From: Chad Kelly <chad at cpkws.com.au>
Sent: Monday, 30 January 2017 10:44 PM
To: Nathan Brookfield
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Borrowed addresses, data retention, court orders


I should of provided the following link with my previous post but
Sucuri.net offer a paid service for cleaning Malware and they offer a
free scan for websites as well.
https://sitecheck.sucuri.net/results/theispguy.com
It looks like a bit of a mess.

Regards Chad.

On 1/30/2017 6:48 PM, Nathan Brookfield wrote:
> Schooled!
>
> Nathan Brookfield
> Chief Executive Officer
>
> Simtronic Technologies Pty Ltd
> http://www.simtronic.com.au
>
> On 30 Jan 2017, at 18:45, Chad Kelly <chad at cpkws.com.au> wrote:
>
>> On 1/30/2017 10:34 AM, ausnog-request at lists.ausnog.net wrote:
>> Apparently so... screw Wordpress... bloody nightmare to manage.
> Not if you have the right tools in place.
>
> Generally now a days you can automate the security updates for Wordpress so you don't even need to think about it.
>
> Plus you should be using other security measures such as Mod_security and things like Fail 2 Ban.
>
> https://modsecurity.org/about.html
>
> and fail2ban.org
>
> Those two tools alone with decent configs will nuke anything that tries to hack in.
>
> For extra security on top of that you can use CXS, which will scan for things like scripts containing malware and quarantine them so that if something does manage to get in it doesn't affect your online presence.
>
> https://configserver.com/cp/cxs.html i've been using the Config Server tools for years now.
>
> With those tools and Mod_security configured properly you don't need the extra security plugins for Wordpress specifically.
>
>
> When I checked a few hours ago the ISP Guy site was still infected and was redirecting to another site.
>
> Regards Chad.
>
>
>


--
Chad Kelly
Manager
CPK Web Services
web www.cpkws.com.au<http://www.cpkws.com.au>
phone 03 9013 4853

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170130/a397dbc7/attachment.html>


More information about the AusNOG mailing list