here are the symptoms on my network and server that I observed:
slow response for some services, such as Webmin (couldn't even log in).
WiFi router lights flashing normally. but...
WiFi bridge/extender lights flashing like crazy.
Strange computer listed on the network.
my thoughts:
WiFi bridge/extender has been compromised.
planned resolution:
run a hard-line between my WiFi-router, and the network switch in my workshop, where the server is, thus eliminating the WiFi bridge/extender
I never liked the bridge/extender anyway.
so anyway, my server will be down until I get back from work this afternoon. I figured it was safer to keep it off-line until the security is restored.
then I have to do some investigating to see if anything on my server was compromised.
I set things up with the expectation that my network was secure, but now I think I will have to lock things down a bit tighter.
Moral of this story? A security breach can, and eventually will, come from where you least expect it. Just because you secure your front-end doesn't mean the back-end should be left open.
~Travis
all good security plans laid to waste
- Posts: 56
- Joined: 2017/03/18 11:43:50
- Location: Maine, USA
CentOS 8.2.2004 on a Dell PowerEdge R710,
with Intel(R) Xeon(R) CPU X5670 @ 2.93GHz, 24 cores,
64GB ram, 5.6TB storage.
Re: all good security plans laid to waste
well, the server wasn't compromised, but the WiFi bridge/extender was. The server now connects via a hard-line to the router, and the WiFi password was changed, again, just in case. I miss the days of good security from an all hard-line network, but then I think about dragging an Ethernet cable with me as I use my laptop. I think the larger and more complicated WiFi password is a good compromise.
but anyway, the server is back online. just in case someone actually wants to visit it
~Travis