[ubuntu-uk] off topic - server security
Kirrus
kirrus at kirrus.co.uk
Fri Dec 28 18:04:26 GMT 2007
----- "Alan Pope" <alan at popey.com> wrote:
> On Thu, Dec 27, 2007 at 07:34:23AM +0000, Sean Miller wrote:
> > I am aware this isn't Ubuntu related, but I'm tearing my hair out.
> >
> > For the past week or so some folks have been constantly hacking my
> > webserver... it's running Cent-OS I believe, but I don't have the
> knowledge
> > to work out how they're getting in.
> >
>
> First thing I'd do is shut it down and restore from backup. You have
> discovered that no matter how much you clean up there's no way you can
> be
> sure they cant get in again.
>
> Make sure you have up to date secure versions of all installed web
> apps. If
> processes are owned by apache then chances are its a compromised
> script
> running on the site that they are getting in through.
>
The worst app for security I've ever come across is phpBB Nuke, or postnuke. If someone is running one of those, make sure its up-to-date.
I've never had a problem with phpBB2 (except for spammers ;))
--
Blog: http://www.kirrus.co.uk
UK Plone Hosting: http://www.plone-hosting.co.uk
RPGs:
Captain Senaris Vlenn, CO, USS Sarek
Lt Aieron Peters, XO DS5
More information about the ubuntu-uk
mailing list