Discussion in 'Security' started by GRIM, Dec 17, 2012.
good stuff.. thanks GRIM
Hell yea just keep me safe boss!!!
That's top notch security right there! Thanks Grim
Couple questions about this GriM. 1. Are you talking about pruning IPs from the web applications? So you go and delete the data from the DB? 2. I assume you're running Apache; have you altered the way Apache logs requests out of the standard W3 style (which includes IP)? 3. Iptables logging? 4. What about other firewall-based logging? Is all that turned off? 5. How about when you yourself SSH into the machine, does it log your hostmask/IP from where you SSH in?
#1 From the forum/database. #2 The logs are fully pruned every 2 weeks; for security purposes I cannot turn them fully off on the board server. #3 Only on errors for general security, to block brute force etc. #4 Of course not, I'm not gonna endanger the server / users. Only actual errors, hack attempts, brute force etc. are logged and those are pruned as well. Blocks however remain as they should. #5 Yes it does, so I can assure I'm the last 1 on the machine. I SSH in via numerous different VPNs I control.
hell, is your last name jobs or gates
Should setup some cron jobs to automate this process.
Damn glad there's someone that knows about this crap to help keep me safe. Organic chemistry, I know...this shit, I glad YOU'RE. Thanks again for all the hard work you put in to help keep us safe bro, it's truly appreciated!
that's how it is set up
Server now removes all IPs 3x a day.
Dude u rock.
I try. But seriously, most admins use this info to sell advertising, keep up on traffic trends etc. Well, I don't sell advertising, so it's only needed for a short time for the firewall systems.
as always... thanks for taking care of us
np, someone has to watch out 4 u noobz!
This is not necessarily true. IP does not always go directly to you depending how your ISP routes things. Also, if you are on any kind of dynamic IP address (basically most every modern ISP) your IP is changing a lot, again based on routing. Also, they can't just track it to you, they have to get a subpoena to the ISP who then has to turn it over. And if it's a large apartment or house they have a hard time proving it's you; basically an IP is not a person and it's very hard to prove specific traffic is an individual.
IP is not a person was ruled on a totally different case, civil subpoenas totally different. And there have been cases of ISPs giving this information over w/o any court order at all. Thousands of cases start off simply from the IP. Will you get arrested just off the IP? No. Will it give LE the warrant they seek? In most cases yes. Yes, traffic can be routed differently, people can steal wifi, so many variables. The IP however is the starting point, forensics can easily narrow down those nuances and a little bit of detective work does the rest. Or are you gonna claim tens of thousands of cases are now null and void, I want to see those links and pyes released as an IP is not a person they had no right to even search him. Whoops, totally different cases and meanings. 1 was civil, 1 is criminal. BTW dynamic makes no difference, not sure what your point is there as ISPs log that info to the customer, dynamic or not.
All my information is straight from my lawyer, I'm not interpreting law. An IP is usually not enough to get a warrant, they need more probable cause, like in your PMs you mention selling or something of that nature, they claim to be investigating conspiracy to distribute, things of that nature. An IP is increasingly becoming less and less useful as the internet becomes more ubiquitous in our lives. As a result, it's becoming harder and harder to prove an IP to a person's actions. Look, I'm not saying don't prune them, I totally agree with pruning, I'm just saying you shouldn't see your IP address being the be all end all.
Well yeah, an IP address and illegal activity... http://blogs.wsj.com/law/2012/11/21/court-police-can-locate-wireless-internet-moochers-without-a-warrant/ an interesting read... and I'll see if I can find articles where ISPs have handed info over w/o even a court order. Your lawyer might be telling you this, but I sure see enough articles where illegal conduct and IP address = warrant...
I mean, let's be realistic here. CP is on an entirely new level of horrible. Also, this article basically says that this case is under appeal and highly subjective and not clear cut.