Few days ago I set up an ocsp server using openssl; that service was running as ROOT all the time...
Today I noticed that the server is not responding to some of my ocsp requests. So I started the sniffer to see what the hell is going on. It turned out that someone from Japan is trying to hack my server using port 80 (OCSP).
What should I do next? Should I create a dedicated user and group for that service? if so can someone help me out?
I really need help on this one. please