Community Forums
Connect with us on LinkedIn
Gumblar Worm
  
+ Reply to Thread
Results 1 to 3 of 3
  1. 05-21-2009 08:40 AM #1
    oshs
    oshs is offline
    cPanel Partner NOC cPanel Partner NOC Badge
    Join Date
    Sep 2004
    Posts
    139

    Default Gumblar Worm

    Hi all,

    Looks pretty menacing. Any line of defence we can put up against this?

    http://uk.news.yahoo.com/16/20090515...w-6315470.html

    Regards,
    Suhail.
    DNSCluster.co.uk - multiple geographically dispersed DNS Cluster provider!
    R1Soft Leased CDP Licenses
    Reply With Quote Reply With Quote
  2. 05-21-2009 09:18 AM #2
    eth00
    eth00 is offline
    cPanel Partner NOC cPanel Partner NOC Badge
    Join Date
    Mar 2003
    Location
    NC
    Posts
    725
    cPanel/Enkompass Access Level

    Root Administrator

    Default

    The problem is that the real issue comes from the CLIENT, not the server. They are using a legit user/pass to login to the server and upload the files.

    You could use some server side security to help limit what the shells can do.

    One possible solution is to setup ftp uploads to be scanned on upload, that would stop them from at least uploading the tools.
    John W
    www.eth0.us
    Reply With Quote Reply With Quote
  3. 05-21-2009 12:58 PM #3
    ramprage
    ramprage is offline
    Member
    Join Date
    Jul 2002
    Location
    Canada
    Posts
    675

    Default

    Upload Guardian offers upload scanning (FTP and PHP) and integrates with your favorite antivirus products. http://www.serverprogress.com/upload_guardian.php
    Upload Guardian 2.0 - Sign up for our early beta
    ServerProgress - Server security, consulting and assistance
    Reply With Quote Reply With Quote
«   error exim after update | Bandwidth images »     
Similar Threads & Tags
Similar threads

  1. SOLUTION for Gumblar/IFRAME/JS hacks with stolen FTP Passwords...
    By hidonet in forum Security
    Replies: 123
    Last Post: 06-17-2010, 09:07 PM
  2. Effective iframe/gumblar hack prevention?
    By Wallaby in forum Security
    Replies: 5
    Last Post: 04-30-2010, 11:36 AM
  3. SOLUTION for Gumblar/IFRAME/JS hacks with stolen FTP Passwords...
    By hidonet in forum cPanel and WHM Discussions
    Replies: 98
    Last Post: 12-22-2009, 10:44 PM
  4. Possible Slapper Worm?
    By xxkylexx in forum cPanel and WHM Discussions
    Replies: 3
    Last Post: 07-14-2006, 01:12 PM
  5. Worm.SomeFool.P
    By gflamerich in forum cPanel and WHM Discussions
    Replies: 0
    Last Post: 06-29-2004, 03:15 PM
Tags for this Thread
Linkedin       Facebook       Twitter       RSS       Flickr       YouTube