Re: security advice



Op 25-8-2010 9:14, Andrei Popescu schreef:
Hello,
I had something like this also.. I still have all the files, but in
my case the "hacker" just runned a CounterStrike server on my box. I have
found the exploit in a website that I host, it was an oscommerce and it had
a security issue in the pictures folder.. don't know how he had access but
the thing is he managed to reinstall openssh and somehow he got the root
password (not change it, I saw him logging in the box with my password, and
yes, the password was 18 characters, with letters and numbers and it didn't
mean anything).
So as somebody already said. You should watch for web application in
general. I managed to secure the oscommerce app and now everything is ok.


Best regards,
Andrei Popescu
IT Manager
Alttab Profit SRL
Tel: +4-0723.286.813
Fax: +4-021.210.33.65


Hi,

Be warned! Usually it is never "only a counterstrike server". Do not trust the box and reinstall. I've seen and investigated a hacked box where it was thought to "only run a psybounce". It turned out a lot more was happening but since the kernel was made to shut up about it, it would not show the rest of the activities. It was a database server for provisioning an ISP. A lot of people were surprised when their free adsl connection was shutdown and a bill was sent.

Investigate, reinstall and close the loopholes.

Best regards,

Erik

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • Re: System Restore function does not work
    ... Follow the steps given previously to reinstall it, ... As to regaining the SR tab in system properties, ... Then close the registry editor and reopen Task Manager (you ...
    (microsoft.public.windowsxp.basics)
  • RE: Cant assign drive letter to slave hard drive after reinstall of X
    ... > I had to reinstall XP because of spyware issues. ... Now the bios, device manager, and disk ... > manager recognizes the slave drive but didn't assign it a drive letter. ...
    (microsoft.public.windowsxp.hardware)
  • Re: Outlook 2003 VPN SBS 2K Exchange Unavailable
    ... Manager, rebooted, reinstalled Office 2003, installed SP1 and bingo, it ... I'm going to reboot a few times after Outlook has finished ... I'm then going to reinstall Business Contact ... Manager and see if anything breaks. ...
    (microsoft.public.windows.server.sbs)
  • Re: Outlook 2003 VPN SBS 2K Exchange Unavailable
    ... Manager, rebooted, reinstalled Office 2003, installed SP1 and bingo, it ... I'm going to reboot a few times after Outlook has finished ... I'm then going to reinstall Business Contact ... Manager and see if anything breaks. ...
    (microsoft.public.windows.server.sbs)
  • Re: multiple instalations
    ... Normally core system components like that reinstall themselves at boot ... reinstall themselves at boot time if they're deleted from Device Manager... ...
    (microsoft.public.windows.mediacenter)