[AusNOG] Borrowed addresses, data retention, court orders
Chad Kelly
chad at cpkws.com.au
Mon Jan 30 23:51:42 EST 2017
This type of stuff can even happen with managed hosting providers, Web
Hosting Talk the global / US version got hacked a few months ago and its
hosted by Liquidweb.
This is why you need professional Indemnity insurance as a managed
services provider.
Regards Chad.
On 1/30/2017 11:04 PM, Nathan Brookfield wrote:
>
> After Macquarie Media apparently had 2GB.com and 4BC.com hacked this
> morning, also on WordPress it seems there is a big lack of knowledge
> on this stuff out there.
>
>
> Kindest Regards,
>
> Nathan Brookfield (VK2NAB)
>
> ------------------------------------------------------------------------
> *From:* Chad Kelly <chad at cpkws.com.au>
> *Sent:* Monday, 30 January 2017 10:44 PM
> *To:* Nathan Brookfield
> *Cc:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] Borrowed addresses, data retention, court orders
>
> I should of provided the following link with my previous post but
> Sucuri.net offer a paid service for cleaning Malware and they offer a
> free scan for websites as well.
> https://sitecheck.sucuri.net/results/theispguy.com
> It looks like a bit of a mess.
>
> Regards Chad.
>
> On 1/30/2017 6:48 PM, Nathan Brookfield wrote:
> > Schooled!
> >
> > Nathan Brookfield
> > Chief Executive Officer
> >
> > Simtronic Technologies Pty Ltd
> > http://www.simtronic.com.au
> >
> > On 30 Jan 2017, at 18:45, Chad Kelly <chad at cpkws.com.au> wrote:
> >
> >> On 1/30/2017 10:34 AM, ausnog-request at lists.ausnog.net wrote:
> >> Apparently so... screw Wordpress... bloody nightmare to manage.
> > Not if you have the right tools in place.
> >
> > Generally now a days you can automate the security updates for
> Wordpress so you don't even need to think about it.
> >
> > Plus you should be using other security measures such as
> Mod_security and things like Fail 2 Ban.
> >
> > https://modsecurity.org/about.html
> >
> > and fail2ban.org
> >
> > Those two tools alone with decent configs will nuke anything that
> tries to hack in.
> >
> > For extra security on top of that you can use CXS, which will scan
> for things like scripts containing malware and quarantine them so that
> if something does manage to get in it doesn't affect your online presence.
> >
> > https://configserver.com/cp/cxs.html i've been using the Config
> Server tools for years now.
> >
> > With those tools and Mod_security configured properly you don't need
> the extra security plugins for Wordpress specifically.
> >
> >
> > When I checked a few hours ago the ISP Guy site was still infected
> and was redirecting to another site.
> >
> > Regards Chad.
> >
> >
> >
>
>
> --
> Chad Kelly
> Manager
> CPK Web Services
> web www.cpkws.com.au <http://www.cpkws.com.au>
> phone 03 9013 4853
>
--
Chad Kelly
Manager
CPK Web Services
web www.cpkws.com.au
phone 03 9013 4853
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170130/f588b57b/attachment.html>
More information about the AusNOG
mailing list