On Nov 9, 2007 5:48 PM, robert mena [EMAIL PROTECTED] wrote:
Hi Daniel,
According to the audit this happened yesterday.
I am searching astalavista but could not find anything, probably
because I am being too specific.
From the php side (or closely) what steps would you recommend in order
Hi,
One server that hosts several domains ended up with the message Owned
by W4n73d H4ck3r.While still performing an audit I am very
confident that this was caused by a php script (it is a linux server)
uploaded via FTP or by a defective site hosted (perhaps vulnerable
version of a CMS).
The
On Nov 9, 2007 9:27 AM, robert mena [EMAIL PROTECTED] wrote:
Hi,
One server that hosts several domains ended up with the message Owned
by W4n73d H4ck3r.While still performing an audit I am very
confident that this was caused by a php script (it is a linux server)
uploaded via FTP or by a
On 11/9/07, Daniel Brown [EMAIL PROTECTED] wrote:
On Nov 9, 2007 9:27 AM, robert mena [EMAIL PROTECTED] wrote:
Hi,
One server that hosts several domains ended up with the message Owned
by W4n73d H4ck3r.While still performing an audit I am very
confident that this was caused by a
Hi Daniel,
Thanks for the reply.
I agree that there are steps that go outside php scope (chroot apache
etc) but I think this partially belongs to this list specially since
google shows that the same message (perhaps a copycat?) appears in
tons of sites.
I was hoping that someone already had
I'd be interested in reading this thread. OK with me to keep it
on the list.
Ditto.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Nov 9, 2007 10:05 AM, robert mena [EMAIL PROTECTED] wrote:
Hi Daniel,
Thanks for the reply.
I agree that there are steps that go outside php scope (chroot apache
etc) but I think this partially belongs to this list specially since
google shows that the same message (perhaps a copycat?)
Hi Daniel,
According to the audit this happened yesterday.
I am searching astalavista but could not find anything, probably
because I am being too specific.
From the php side (or closely) what steps would you recommend in order
to have a better security?
I could not find a consistent 'list' of
On Nov 9, 2007 10:48 AM, robert mena [EMAIL PROTECTED] wrote:
Hi Daniel,
According to the audit this happened yesterday.
I am searching astalavista but could not find anything, probably
because I am being too specific.
From the php side (or closely) what steps would you recommend in order
Me too.
Guess a lot of us can learn something here from another's misfortune.
Thanks Robert and good luck
On 09/11/2007, Edward Kay [EMAIL PROTECTED] wrote:
I'd be interested in reading this thread. OK with me to keep it
on the list.
Ditto.
--
PHP General Mailing List
me, too this would be interesting
bastien Date: Fri, 9 Nov 2007 09:01:09 -0600 From: [EMAIL PROTECTED] To:
[EMAIL PROTECTED] CC: [EMAIL PROTECTED]; php-general@lists.php.net Subject:
Re: [PHP] Help securing a server : Owned by W4n73d H4ck3r On 11/9/07, Daniel
Brown [EMAIL PROTECTED] wrote
The person doing this seems to be relatively new to the scene,
only defacing websites with common vulnerabilities that you can find
anywhere on the Internet (http://astalavista.box.sk/ for example).
Check out Zone-H (http://www.zone-h.net/) to see if your domains are
on there, and
That's an old SPAW exploit. Google (gotta' love how that's a verb
now) for `spaw exploit` and the first result is MARC.
[NOTE: All previous text cleared because this is the THIRD time
I've sent the message after Mailman rejected it twice due to URLs in
log inclusion.]
--
Daniel P.
13 matches
Mail list logo