On 8/4/05, Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx> wrote: > > > >We have servers that could get infected via poorly wrote user scripts. I > > Fix the servers. Don't let arbitrary scripts in. > > please take this in a friendly manner :) When I wrote my initial message, I knew somebody would give me this type of reply (ie. secure your servers, smack the bad users) However the fact is that in REAL LIFE, you will have users that use bad scripts or even "good" script that have bugs (phpbb, etc, etc.). I want to find a way to make sure that we have an extra layer of protection to make sure our servers weren't DOS'ing other boxes - even if it was only for a short time until an admin logged in to check the source of the outgoing traffic spike. Bottom line : I simply want to get a good ruleset to share so that anyone who might ever have a server compromised (even non-root, php-apache based stuff running as nobody) could help stop the outgoing bad traffic. There is a lot of discussion on stopping things from coming into a server. If those of us who run servers (I'm pointing the finger at myself!) would take the extra effort to stop what can possibly go out, it would solve a lot of the problems. I don't have the knowledge to set this up in the best method. That's why I asked here. Thanks to all!
