|
Posted by Bernard Cheah [MVP] on October 11, 2007, 10:14 pm
Please log in for more thread options > Are you using MS FTP? If so, switch to FileZilla FTP server.
I'm just curious about this... how would this helps? and MS FTP is
vulnerable ?
--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/
> newsgroup@rightfast.com says...
>> I need some advice regarding a 2003 web server.
>>
>> We have been hacked by something called turkishhacker.mdx which installs
>> new
>> index.html, index.asp, index.php and default. range of same in the root
>> directory letting the world know on the affected website it has been
>> hacked.
>>
>> This is the second time in 6 months this has happened and after the first
>> time I made quite a few changes.
>>
>> - All security updates are in place
>> - There is no write permissions set on root
>> - All site are isolated with unique user permissions
>> - FrontPage permissions in use
>>
>> I am puzzled how this can be happeneing where there is no write
>> permission
>> in place. It does not affect all sites but about 60% and they are not
>> always the same as last time.
>>
>> Can anyone give me some advice?
>
> Do you check the logs to see who is connecting?
>
> Do you follow ALL of the permissions on how to secure a web server?
>
> Did you setup strong passwords and change account names?
>
> Are you using MS FTP? If so, switch to FileZilla FTP server.
>
> You can't say that there is no write permission, any admin account has
> write permission - it sounds like you've got bad passwords or that they
> were cracked.
>
> What security do you have in place?
>
> Firewall appliance?
>
> AV Software?
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)
| 
XML Sitemap