|
Posted by S. Pidgorny on November 7, 2007, 4:04 am
Please log in for more thread options
This can be done by accessing the server using valid access and credentials.
If you cannot afford rebuilding from scratch, I'd start with making content
read-only and applying strict auditing together with alerting to fing out
which user account is changing the content.
Using other malware scanners and ro9otkit revealers can also help.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
> Hi,
> in the last weeks the company's server web was suffering continues attacks
> and intrusions on the part of Mpack.
> The consequence is that the pages of the websites dirtied with malignant
> IFRAME tags that refer to address housing
> Malware.
> The SO web server Win2003 standard edition SP2, of course updated with
> windowsupdate that is running SQL Server ent edition SP4.
> The Symantec antivirus is always updated and has never reported anything.
> Is there a procedure to be applied to the server, any tools that can
> remove the possibility of intrusions?
>
> thanx to all
>
> sorry for poor English
>
| 
XML Sitemap