Actually, the www was working. It's a CNAME to tp.47cf2c8c9-frontier.amazon.com, which should have been a CNAME to d3ag4hukkh62yn.cloudfront.net, but that record was broken for about 20 minutes.
Update: that frontier CNAME seems to be bouncing between CloudFront and Akamai now, so I suspect they're fighting off either an attack or internal issues. I see issues to other Route 53 servers as well.
This isn't intended as a be-all-end-all guide to security, like the NSA aims for. Instead, view it as a quickstart guide for those first five minutes on a new server, or as a starting point for beginners that have no idea where to even look.
I've seen more compromised boxes than one can shake a stick at. There are all sorts of reasons that blocking egress is a great idea. Compromises are usually automated bots, and no, they're not smart enough to bring down iptables. Even if it's a human that's pwned you, it's frequently a stupid human, or a lazy human. It's just good practice to practice security in depth.
TJ Maxx,
UBS,
Knight Capital,
Heartland Payment Systems,
Visa,
Sony (already mentioned, but it's my fave),
Stanford,
Countless other hospitals, e-commerce vendors, banks, and other organizations that handle payment or personal information.
If you want to say "name a startup that's gone out of business because of a security problem" I'll let you away with that. There are still instances, and I'd love startups to pay more attention to security, but I know reality as well...
How exactly has Stanford had its business impacted due to a security breach? I'm only thinking in terms of people wanting to apply, and I can't imagine how that'd be a deterrent.
To go a little further - at a glance, it's not clear if they've been fined yet or not, but either way there are soft costs to all of this - being in the news in a negative light, some patients will go elsewhere, their insurance premiums are going to go up as a result of the breaches, etc.
Last year when KC shot themselves in the face, they were running trading algos that hadn't been well tested. When dropped into production, things blew up fairly quickly.
I probably should have left it off the list; it's more of a compliance/procedural issue than purely infosec.