This blog has, IMO, some great resources. Unfortunately, some of those resources are becoming less relevant. I'm still blogging, learning tech and helping others...please find me at my new home on http://www.jameschambers.com/.
Thursday, April 2, 2009
Chewing Through Database Changes
Most, if not all, of the active data connections right now are in MySQL and running off a machine that, in short, is a bit of a security concern. The web server talks to the DB (which is on a separate, dedicated box) through ODBC.
I created a list of inactive accounts and, working through the list with a couple of long-time employees, removed over 50 accounts that still had access to the network, the staff site and the intranet software.
I've also changed all server admin passwords and updated all the ODBC pointers to a new single-purpose account on MySQL. I've also got a plan with about two dozen touch-points that is being addressed by me and three others that work at the same level as I do.
Next on to IIS and the FTP servers that were running. There are over 160 sites in IIS and 100+ users on FTP. Resolving those users with our other list, and cross-checking against active clients, we were able to stop 40+ sites in IIS (30 more are suspect) and firm up the FTP server.
We're getting a whole lot of traffic from someone trying to brute the admin account on that box...will have to watch that for the time being, but the bigger plan is to move it inside the firewall and close down that channel. We're also scrubbing them now at 3 attempts (instead of 5) so hopefully that will slow their efforts. I changed it to a strong pass, so by brute they're just wasting their time.