Original date:2018-05-28 10:41:45 Edited by: ghaberek Subject: Web server migration completed!

We're on a new server now! And here's why: it looks like our friend bern (or apeto1/2/3 or CoJaBo3 or who-knows-what-else) managed to compromise jeremy's local user account, which gained him root access to the system and the MySQL database. From there, it looks like he was resetting passwords for old forum accounts and that's how he was harassing us. I've taken many, many steps to harden and secure this new server to prevent any further intrusions.

  • The hosting technology is now KVM (a real virtual machine) instead of OpenVZ (a shared-system container).
  • The operating system is much newer (CentOS 7 vs Debian 5) and is running with SELinux enabled.
  • The system is using a firewall (firewalld) and several active intrusion detectors (auditd, aide, fail2ban).
  • Remote root access is disabled altogether. The root user can only log on via the physical console of the machine.
  • Password authentication for SSH is disabled. Admins with SSH access must use a public/private key pair to log on to the server.
  • User accounts with sudo access must still enter their very very long password to gain root access.
  • The database connection for euweb is running as a dedicated MySQL account. Previously it was using the root account.
  • Currently only myself and jimcbrown have access to this system. Additional access will be on a discretionary basis.

Here are the specs for those interested:

| | Old server | New server |
|---|---|---|
| Hosting provider | HostWinds | HyperExpert |
| Technology | OpenVZ | KVM |
| Processor | 1 vCPU | 2 vCPU |
| Memory | 1 GB | 2 GB |
| Storage | 50 GB SSD | 40 GB SSD |
| Operating System | Debian 5.0.6 | CentOS 7.5.1804 |
| Architecture | 32-bit | 64-bit |
| Database Server | MySQL 5.0.51 | MySQL 5.7.22 |
| Euphoria version | Euphoria 4.0.5 | Euphoria 4.1.0 |
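
The two SSH items in the list above (no remote root logon, no password authentication) can be checked against a configuration file with a short audit script. This is an added example, not part of the original post or the server's own tooling. It assumes those items map to OpenSSH's `PermitRootLogin` and `PasswordAuthentication` directives; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the site's real config): audit an sshd_config-style file
# for the two SSH settings named in the post.

# effective_value FILE KEYWORD DEFAULT
# sshd keeps the first value it reads for a keyword, and keywords are
# case-insensitive. Match blocks apply only conditionally, so only the global
# section (before the first Match line) is read.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        { sub(/#.*/, "") }                  # strip comments
        NF == 0 { next }                    # skip blank lines
        tolower($1) == "match" { exit }     # stop at the first Match block
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# audit_sshd FILE: prints PASS/FAIL per setting, returns 1 if any check fails.
# A keyword that is never set is reported as "unset" and fails, because the
# compiled-in default varies between builds and should not be relied on.
audit_sshd() {
    rc=0
    for want in PermitRootLogin=no PasswordAuthentication=no; do
        key=${want%%=*}
        expected=${want#*=}
        actual=$(effective_value "$1" "$key" unset)
        if [ "$actual" = "$expected" ]; then
            echo "PASS $key $actual"
        else
            echo "FAIL $key $actual (want $expected)"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the later "PermitRootLogin no" does not override the
# earlier "yes", so the audit must fail on that keyword.
sample=$(mktemp)
cat > "$sample" <<'EOF'
permitrootlogin yes
PasswordAuthentication no
PermitRootLogin no
Match User backup
    PasswordAuthentication yes
EOF
audit_sshd "$sample" || echo "hardening incomplete"
rm -f "$sample"
```

On a live host, `sshd -T` prints the configuration the daemon has actually resolved and is the authoritative check; the script is useful for reviewing a file before it is deployed.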


