VectorLinux website --Hacked!

Discussion in 'Linux, BSD and Other OS's' started by megamaced, Apr 16, 2006.

  1. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
    Why would somebody want to hack a website that belongs to an open source, Linux distribition?

    It's just pointless...
     

    Attached Files:

  2. sabashuali

    sabashuali Ani Ma'amin

    Likes Received:
    6
    Trophy Points:
    38
    No mate, you got it all wrong.
    They heard you were going to run VectorLinux on a crappy Celeron machine and repelled you from their site.... hahahahahahah!!!!! :p

    They are on to you mate!
     
  3. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
    hehe, just as well that they didn't catch me running VL on a Pentium 233 48MB RAM :O :D
     
  4. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    I wonder if they were hosting the site themselves? Many smaller distros have to rely on hosting companies since they can't afford the infrastructure and bandwidth to host it themselves. Either way, embarrasing! :O
     
  5. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
    Not getting any better for the poor guys over at Vector. They got the website back late last night, but I tried to access it this morning and now all it says is:

    'Unable to select database'

    Two hacks in 2 days? :eek:

    Someone must really have it in for them!

    It's quite annoying because I am trying to get help on their forums! Samba doesn't seem to be working properly. I am sharing a folder on my Ubuntu machine with Samba, but when I try to access it on Vector it just says 'unknown location'!

    Just to be sure, what is the correct syntax for a samba address?

    Is it

    Code:
    smb://192.168.1.xxx/share
     
  6. Matt555

    Matt555 iMod

    Likes Received:
    98
    Trophy Points:
    48
    Not neccessarily a hack, maybe they're just having database problems, maybe the connection to the database isn't set properly, maybe the config isn't right, who knows.
     
  7. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    I'm still trying to figure out why you're using Windows file & print sharing to share files with another *nix. You should be using NFS for this purpose, as it's faster with less overhead.
    That depends, are you trying to browse the SMB share with Konqueror? If so, try smb://xxx.xxx.xxx.xxx/ --OR-- smb://$NETBIOSNAME/
    If you still get no love, try scanning your Vector box with nmap and see if port 445 is actually accepting connections and your Vector box isn't firewalled or anything. If your firewall is down and 445 is actually closed (e.g. there's no service running there), you probably need to start or restart the Samba service on that machine.
     
  8. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
    Ummm :confused: Yeah, why didn't I think of that! :O

    What is the correct syntax for an NFS share?

    By the way, I am trying to use XFCE (Vector) to browse a shared folder on GNOME (Ubuntu).
     
  9. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    NFS is mounted like any other data volume in your /etc/fstab. Here's some documentation to help you get started, in both basic and extensive flavors. :)

    Basically, one machine exports certain directories or volumes via NFS, and the other system mounts those resources as a directory someplace on their system. Here's a sample from the /etc/exports on my home file server:
    Code:
    /home/common 192.168.25.0/255.255.255.0(rw,async,all_squash,anonuid=1000,anongid=1000)
    /home/incoming 192.168.25.0/255.255.255.0(rw,async,all_squash,anonuid=1000,anongid=1000)
    /home/antitrend 192.168.25.101(rw,async,all_squash,anonuid=500,anongid=500)
    /home/somebody_else 192.168.25.100(rw,async,all_squash,anonuid=501,anongid=501)
    As you can see, static IPs are a must for private shares, and NFS is not a service which is intended for public networks. In other words, keep it behind your firewall.

    Here are the corresponding entries in one of my client system's /etc/fstab to give you a little more illustration:
    Code:
    192.168.25.5:/home/common /mnt/server/common nfs rsize=8192,wsize=8192,nosuid,soft 0 0
    192.168.25.5:/home/incoming /mnt/server/incoming nfs rsize=8192,wsize=8192,nosuid,soft 0 0
    192.168.25.5:/home/antitrend /home/antitrend/remote nfs rsize=8192,wsize=8192,nosuid,soft,user 0 0
     
  10. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
  11. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
    It's all up and running now :)

    I managed to set up SuSE and Ubuntu as a client/server pretty easily but there were a few problems with VectorLinux. Basically none of the NFS services were installed so I had to slapt-get 'nfs-utils' and initialise them one by one! Although it's working on Vector now, there is one service that I couldn't start called 'rpc.rquotad'. I don't know whether this is supposed to come with the nfs-utils package or not, but I can't find it in /sbin or /usr/sbin. What does it do and do I actually need it? As I said before, I am able to share files as it is.

    I assume this means that only the user who's ID is 1000 can use this service?
     
  12. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    Good job. :)
    The quota daemon can enforce user's disc space quotas on your system. This is so on shared resources, one user can't fill up the entire partition and leave none for everyone else. You really don't need this in a single-user environment.
    Yes, my user mapping on my local machines are different from that on my server, so I use that to force the correct UID. "all_squash" disregards the UID on the client machine, forcing them to connect anonymously, and the "anonuid" and "anongid" entries specify what I want the anonymous user and group ID's to be. Make sense? As for the "async" entry, that makes it perform faster.
     
  13. Karanislove

    Karanislove It's D Grav80 Of Luv

    Likes Received:
    0
    Trophy Points:
    36
    Just to check how strong they are because Linux is the worlds best secured windows and its very difficult to hack it.
     
  14. megamaced

    megamaced Geek Geek Geek!

    Likes Received:
    0
    Trophy Points:
    36
    Just two more things I need to know :)

    The 'rsize' and 'wsize' options increase the buffer and improve network performance? What do you think a good size would be for a standard 100Mb/s network? I've got 3 computers that connect to a 100Mb/s switch in a peer-to-peer. The switch connects to a router but my landlord controls that.

    Also, what security measures have you taken to protect your network?

    Hehe, don't get the wrong end of the stick - I am not testing the water, so to speak ;) I would like to know so I can take similiar steps.

    I've set up a firewall on all machines, and I've edited the 'hosts.allow' to accept only the IP addresses of my machines. I have also edited the 'hosts.deny' file to include:

    Code:
    portmap:ALL
    lockd:ALL
    mountd:ALL
    rquotad:ALL
    statd:ALL
     
  15. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    On a 100MiB network, I've found 8192 works very well for both.
    I'm not paranoid about my security because I setup my network with security in mind. In so far as the hosts.deny goes, it looks good. That being said, you need just about every one of those services to be reachable by your NFS clients. On any machines which are sharing files via NFS, you should have an entry in the hosts.allow for each of your machines which will connect as clients.
     
  16. xcorpitx

    xcorpitx Geek Trainee

    Likes Received:
    0
    Trophy Points:
    0
    i hacked this site cuz this site very importand they are give all users secure programs , scripts, or ......... but not important for them you hacked or not just they wanna earn money.. so i hacked that site by me my sanal name xcorpitx


    and thıs s victorlinux miror index

    http://www.zone-turk.net/deface_mirror/?id=17144
     

Share This Page