[TriLUG] so you think you've been rooted...

Scott Lambdin lopaki at gmail.com
Wed Mar 11 23:38:23 EDT 2009


To replace Roundcube, I would go with either PointySphere, or FatLine.

On Wed, Mar 11, 2009 at 10:48 AM, David McDowell <turnpike420 at gmail.com>wrote:

> Robots.txt can help some with that search engine business, but I refer
> back to my orig comments :)
>
> On 3/11/09, Barry Gaskins <barry.gaskins at gmail.com> wrote:
> >    Well I don't think the bots have feelings or anything but many of
> > them do start with a list of compters to scan instead of randomly
> > picking IP addresses to scan.
> >
> >    In this example of looking for roundcube servers to scan the bot
> > could do a google search for
> > welcome roundcube webmail username password
> > That will get you a list of servers running roundcube to try to break
> > into.  And since google will sort your list by popularity, the more
> > popular sites are more likely to get broken into...
> >
> >
> >    - Barry Gaskins
> >
> >
> >
> > On Wed, Mar 11, 2009 at 9:48 AM, David McDowell <turnpike420 at gmail.com>
> > wrote:
> >> I was curious if anyone knew if a bot had feelings or discriminated
> >> from one site to the next? If you are out there, you should be
> >> prepared. You can't expexct to wave your Jedi hand and say "you don't
> >> really see us b/c we are small and insignificant"
> >>
> >>
> >> On 3/11/09, Jarod Watkins <jarod at jxxtech.net> wrote:
> >>> On Tue, 10 Mar 2009 17:13:07 -0400, Alan Porter <porter at trilug.org>
> >>> wrote:
> >>>>> Ouch, and to think I was going to install roundcube on my server this
> >>>>> summer.
> >>>>
> >>>> I have roundcube on my personal server, but I hide it behind HTTP
> >>>> authentication.  That means I can get to it when I need to, but it
> >>>> is not open to Joe Random H4X0r to probe.
> >>>>
> >>>> Add a couple of lines to your apache config file, and continue to
> >>>> use it.
> >>>>
> >>>> Alan
> >>>
> >>> I also run roundcube, however only on https. So far no script kiddies
> >>> have
> >>> tried to attack it. I believe most of their tools do not have tls
> support
> >>> compiled in, so very few scan on https. Or maybe its just because I am
> so
> >>> small no one cares.
> >>> --
> >>> TriLUG mailing list        :
> >>> http://www.trilug.org/mailman/listinfo/trilug
> >>> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
> >>>
> >>
> >> --
> >> Sent from my mobile device
> >> --
> >> TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> >> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
> >>
> > --
> > TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
> >
>
> --
>  Sent from my mobile device
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>



-- 
There's a box?



More information about the TriLUG mailing list