> Can you throw us bone, and point us to some information on how to
> strip down a CF, IIS Server?
Yes. Read the IIS installation checklists on the MS security site
(http://www.microsoft.com/security/) and on securityfocus.com
(http://www.securityfocus.com/). Read about how to use ACLs at
http:/
it (not because of it). It may not stop a hack, but it should
allow you to catch it before too much damage can be done.
Justin
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 19, 2001 2:13 AM
To: CF-Talk
Subject: RE: CF trojen? BackdoorJY.sv
trying to fit in. :)
From: "Christopher Olive, CIO" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: CF-Talk <[EMAIL PROTECTED]>
Subject: RE: CF trojen? BackdoorJY.sv
Date: Thu, 19 Jul 2001 09:18:55 -0400
actually, microsoft has a good article on hardening IIS5. don
EMAIL PROTECTED]]
Sent: Thursday, July 19, 2001 9:31 AM
To: CF-Talk
Subject: Re: CF trojen? BackdoorJY.sv
>Rather than relying on Microsoft
> patches, you'll get better mileage out of properly configuring your
servers
> up front. Here's a little secret of mine. I don't both
>Rather than relying on Microsoft
> patches, you'll get better mileage out of properly configuring your
servers
> up front. Here's a little secret of mine. I don't bother installing
most
of
> the IIS patches when they come out. I don't have to, because they
patch
> things that I've already disab
gt; Sent: Wednesday, July 18, 2001 11:13 PM
> To: CF-Talk
> Subject: RE: CF trojen? BackdoorJY.sv
>
>
> > Everyone running IIS should look at this:
> >
> > http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168
> >
> > This has kept us pretty muc
> Everyone running IIS should look at this:
>
> http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168
>
> This has kept us pretty much out of the eye of trouble for quite some
> time. Hackers managed to get in almost daily, prior to us recreating
> our systems, adding W2K SP2, and then
gt; Sent: Wednesday, July 18, 2001 9:25 PM
> To: CF-Talk
> Subject: RE: CF trojen? BackdoorJY.sv
>
>
> > My virus checker (mcafee) just revealed 4 viruses on my server:
> >
> > C:\server.dll
> > c:\server.exe
> > c:\cfusion\bin\server.dll
> > c:\
> My virus checker (mcafee) just revealed 4 viruses on my server:
>
> C:\server.dll
> c:\server.exe
> c:\cfusion\bin\server.dll
> c:\cfusion\bin\server.exe
>
> it said they all were infected with BackdoorJY.dll or BackdoorJY.svr
> trojens.
>
> This is a Windows 2000 advanced server with CF4.5.
9 matches
Mail list logo