Re: [ubuntu-uk] off topic - server security
Hey Sean, If they are uploading things, its likely they have a PHP Shell somewhere. The most common is called the "C99 Shell". You could try doing a grep to find it. I agree with Alan, it would be best to restore a backup. It also looks like they are trying to start a SOCKS server, from the "./mocks" command. This may be used to use your server as a proxy. http://sourceforge.net/projects/mocks/ You should disable the shell for "apache" by changing the login shell to "/bin/false" in the file "/etc/passwd" Regards, James. On 12/28/07, Kirrus <[EMAIL PROTECTED]> wrote: > > > - "Alan Pope" <[EMAIL PROTECTED]> wrote: > > On Thu, Dec 27, 2007 at 07:34:23AM +, Sean Miller wrote: > > > I am aware this isn't Ubuntu related, but I'm tearing my hair out. > > > > > > For the past week or so some folks have been constantly hacking my > > > webserver... it's running Cent-OS I believe, but I don't have the > > knowledge > > > to work out how they're getting in. > > > > > > > First thing I'd do is shut it down and restore from backup. You have > > discovered that no matter how much you clean up there's no way you can > > be > > sure they cant get in again. > > > > Make sure you have up to date secure versions of all installed web > > apps. If > > processes are owned by apache then chances are its a compromised > > script > > running on the site that they are getting in through. > > > > The worst app for security I've ever come across is phpBB Nuke, or > postnuke. If someone is running one of those, make sure its up-to-date. > I've never had a problem with phpBB2 (except for spammers ;)) > > -- > Blog: http://www.kirrus.co.uk > UK Plone Hosting: http://www.plone-hosting.co.uk > > RPGs: > Captain Senaris Vlenn, CO, USS Sarek > Lt Aieron Peters, XO DS5 > > > -- > ubuntu-uk@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk > https://wiki.kubuntu.org/UKTeam/ > -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
Re: [ubuntu-uk] off topic - server security
- "Alan Pope" <[EMAIL PROTECTED]> wrote: > On Thu, Dec 27, 2007 at 07:34:23AM +, Sean Miller wrote: > > I am aware this isn't Ubuntu related, but I'm tearing my hair out. > > > > For the past week or so some folks have been constantly hacking my > > webserver... it's running Cent-OS I believe, but I don't have the > knowledge > > to work out how they're getting in. > > > > First thing I'd do is shut it down and restore from backup. You have > discovered that no matter how much you clean up there's no way you can > be > sure they cant get in again. > > Make sure you have up to date secure versions of all installed web > apps. If > processes are owned by apache then chances are its a compromised > script > running on the site that they are getting in through. > The worst app for security I've ever come across is phpBB Nuke, or postnuke. If someone is running one of those, make sure its up-to-date. I've never had a problem with phpBB2 (except for spammers ;)) -- Blog: http://www.kirrus.co.uk UK Plone Hosting: http://www.plone-hosting.co.uk RPGs: Captain Senaris Vlenn, CO, USS Sarek Lt Aieron Peters, XO DS5 -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
Re: [ubuntu-uk] DVD & sound
davisjo wrote: Hi Everyone, I have tried to play a DVD and also a film on the hard drive but alas no sound. I have downloaded most of the video players and selected all sources to include all the codecs but still no sound. If I remember right, out teacher enabled the codecs via the terminal and a "build all" routine but have forgotten how to do it. Can anyone help please ? Also I have used Amule to download some music and saved it to a folder on the desktop. The music downloads and I clear the completed and then cannot find the files. I downloaded Amorok and enabled all the folders to search for music but it did not find any. I know it is there because people are uploading from me. Is there a way I can find it and also is it an issue with mp 3 codecs ? Best wishes for the New year to All, John Hello John, I would suggest you take a look at the Medibuntu repository for additional dvd stuff not included in Ubuntu. There are instructions and a package list at http://medibuntu.org/. Just add the repo as a new apt source and reload Synaptic. I think once you have the ffmpeg, libdvdcss and libdvdnav packages you will be able to play dvd movie discs. The gstreamer-0.10* plugins and the w32codecs package will cater for other filetypes such as .wmv. Amarok uses the xine engine as opposed to the gstreamer engine used by the Gnome media players, I think a search for 'xine' in Synaptic will show you all the relevant packages. On my machine aMule saves files to the /home/me/.aMule/Incoming directory which is hidden by default. You can make a symlink to this on your desktop by right-dragging the directory icon to your desktop. Hope this helps. Regards, Tom -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
[ubuntu-uk] DVD & sound
Hi Everyone, I have tried to play a DVD and also a film on the hard drive but alas no sound. I have downloaded most of the video players and selected all sources to include all the codecs but still no sound. If I remember right, out teacher enabled the codecs via the terminal and a "build all" routine but have forgotten how to do it. Can anyone help please ? Also I have used Amule to download some music and saved it to a folder on the desktop. The music downloads and I clear the completed and then cannot find the files. I downloaded Amorok and enabled all the folders to search for music but it did not find any. I know it is there because people are uploading from me. Is there a way I can find it and also is it an issue with mp 3 codecs ? Best wishes for the New year to All, John-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/