GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Got hacked yesterday (https://gfy.com/showthread.php?t=180185)

NemesisEnforcer 09-27-2003 01:07 PM
Got hacked yesterday
 
TGIF, so I thought. It's Friday afternoon, I'm about to take a nap and hit the strip clubs later. Well, it was not to be.

I got a call from my monitoring service saying that connection was refused to my sites. There was no remote or console access to the server. I had to boot from the CD and reinstall the binaries. Checking my system logs, it appears that someone took advantage of an exploit in my FTP server and installed a root kit along with a sniffer. Based on the time stamps, they had 2 hours of access to the server.

It took me 9 hours to restore the system check for additional vulnerabilities and make the necessary patches. What a bitch!

JamesK 09-27-2003 01:07 PM
not my problem

Shoplifter 09-27-2003 01:26 PM
What FTP server? Wuftpd ?

davidd 09-27-2003 01:47 PM
Quote:
Originally posted by NemesisEnforcer
TGIF, so I thought. It's Friday afternoon, I'm about to take a nap and hit the strip clubs later. Well, it was not to be.

I got a call from my monitoring service saying that connection was refused to my sites. There was no remote or console access to the server. I had to boot from the CD and reinstall the binaries. Checking my system logs, it appears that someone took advantage of an exploit in my FTP server and installed a root kit along with a sniffer. Based on the time stamps, they had 2 hours of access to the server.

It took me 9 hours to restore the system check for additional vulnerabilities and make the necessary patches. What a bitch!
Out of curiosity what OS was the server running?

Jinx_Co 09-27-2003 01:48 PM
yah, There are some new sshd, and sendmail vulnerabilities out too that everyone should get patched up.

NemesisEnforcer 09-27-2003 01:49 PM
proFTPD

http://www.securityfocus.com/archive/1/338687

I had to patch sendmail as well

Quote:
Originally posted by Shoplifter
What FTP server? Wuftpd ?

NemesisEnforcer 09-27-2003 01:50 PM
Red Hat Linux 8

Quote:
Originally posted by davidd


Out of curiosity what OS was the server running?

fris 09-27-2003 01:57 PM
ya their was an exploit out for proftpd i upgraded mine, i use proftpd as well, i ditched sendmail on all our servers. i use qmail. secure as a mofo. but then again we dont use linux. freebsd all the way.


make sure to upgrade your openssh too. exploit came out for that too recently.


All times are GMT -7. The time now is 02:49 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123