The Risks of hosting a public server, and how you can protect yourself [Guide]

[pbrocks]

Nice....(claps hands)

[bagel99]

Great info .....

[zenko]

Could i ask a question?
What happends if you get busted by blizzard? Is this risk high, or low? Anyone who can recommend the safest way to not become busted?

[BillyBob31]

Just a few questions.

For my private server i run i wanted to ask these few things.

1) where do i change mysql password ..... was told to change it weekly for security reasons .... and do i have to change other things passwords then like my auto account registration that run through mysql and need the mysql password?

2) How do i backup my private servers database ..... say incase the server is taken over by a hacker i can delete the database currently on that the hacker is on and re put up the backup database ...... how do i re put up the backup database

3) what other actions should i take to avoid hackers from my private server ...... i already passworded my computer, have a router ( with only the needed ports open for the server), have a firewall, run antivirus, and check software weekly at least ...... anything else

Thanks for the help and + rep for anyone that helps !! ( the more the detail of what to do exactly the beter )

[fenwaydog21]

WoWLegend is right.

There is much you can do to stop hackers. Yet, they will most likely find a way by. :P

It's just like a guess 'n' check question, go with the flow.

:P Great review.

[Vemonous]

wowo that was kewl

[DJeXeCute]

You can set your Mysql so that only ip addresses you specify can even connect. When you go to edit the mysql host replace %localhost or whatever with %your ip or whatever ip you want to allow access to and to allow aces to someone else simply make a new Mysql user and set it to their ip.
Mysql problem solved :P

[makazegamer]

Ok so im new here, would like to introduce my self first...... Hello

Now, ive read your guide, i wouldnt call my self a noob with networking issues, but i wouldnt also call my self a guru at it either. I curretnly have Bit Defender Total Security 2008, and i am wondering if that would be a sufficient enough at protecting me against hackers ?

[guitargod218]

Just want to make a statement. If you want to WTFPWNZORZ a hacker, all you have to do is sever the internet connection, whether it's by unplugging from an ethernet cable or unscrewing the antenna that makes you connect to a router. If they have no connection to your computer, they can't do anything to you, which means you can get into MySQL and fix up everything without worrying about the hacker. Also, back-up often, so in the event of this you can just reload the database tables.

[ownerjamster]

really helpfull make my private server safe

[i Newell]

very nice advice =]

[DrPieper]

Nice one, saw some things i didnt do yet.

[merlinguy21]

hi dfadfadadg

[upirlichy]

I couldn't post this anywhere else so I figured this would be a good place. This is a simple notepad cmd that tracks connecting ips.


-Open note pad and insert this-

@echo.
@color 09
@netstat -n
@echo.
@pause


-Now save as getip.cmd and save to your desktop. Once that is done find it on your desktop and run it. It will open and list all ips connected to you.

[AARC51]

BTW... Typically no destination (destination from the perspective of incoming connections TO the router in front the computer/WoW server) ports are open on any router with a firewall by default. Port 80 is NOT open by default for web browsing... It doesn't need to be. All outgoing (from the perspective of the router sending traffic to the internet) are open - including 80 for web browsing. You would know this if you knew the fundamentals of TCP.

TCP review: When a connection is initiated from your PC to a website on the internet a packet is crafted with the source IP of you PC (this can/will be changed by NAT/PAT) a source port (a port > 1023) and a destination port of 80 or 443. Your router keeps a state table that tracks all of this and opens a "pinhole" for a response from the website sourced from port 80 and a destination equal to your source port (something > 1023). It can also look for sequence numbers and the ACK flag.