Re: apache compromised to send spam, need way to check file access

From: Ohmster (notareal_at_emailaddress.com)
Date: 04/26/05


Date: Mon, 25 Apr 2005 22:53:50 GMT

Mike <honey@michaelmoyse.co.uk> wrote in
news:X_adnbpNZ_SmqPDfRVnyvw@pipex.net:

> I took the liberty of running a scan against www.ohmster.com.
>
> You need a firewall as you have a load of ports open and a lot of
> vulnerabilities in the exposed applications.
>
> In my opinion, a rogue perl script is the least of your problems on
> this machine.
>
> Drop me an email to mike AT michaelmoyse.co.uk and I'll send you a PDF
> of the report. It lists what you need to do to fix the problems.

Oooohh... this is bad.

Okay Mike, I have and use firestarter firewall because it was pretty easy
to install and set up. Got me NAT'ed and online quickly. Was supposed to
only open service ports that were needed at the time. Of course, I have
not messed with it since, other than to forward a few ports to my XP
machine for p2p and gaming. I also enabled network UPnP for Windows
Messenger and run upnpd to enable that network universal plug and play
stuff and do whatever it is that it does for Messenger.

Agreed that the machine is old now and out of date for security. I do
have fedoralegacy for my apt.sources and did a major upgrade with apt-get
a couple of months ago. Got close to 80 packages that way, only one I
really did not want, the rp-pppoe package. I have rp-pppoe-3.5-1
installed and when I tried 3.5-2 years ago, it simply did not work at
all and I had to downgrade back to 3.5-1 again. Forgot all about that and
after the apt upgrade from fedoralegacy, I lost the net again and the
wife was pissed because it took me hours to figure it out and remember
about the rp-pppoe package again.

So what did you find? Detailed analysis would be appreciated,
suggestions, or recommendations too of course. Thank you for your time
and for your help, Mike. You got the right machine. I still have to find
the source of this email spam from apache and will be working on that
unless you come up with something of a higher priority.

Email sent and anxiously awaiting your reply. Thanks buddy.

-- 
~Ohmster
ohmster at newsguy dot com

