The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CWings - Server Hacker

Discussion in 'General Discussion' started by codegirl42, Oct 9, 2006.

  1. codegirl42

    codegirl42 Well-Known Member

    Joined:
    Mar 9, 2006
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    zone-h.org has been around for a long time defacing vunrible php scripts

    best to install mod_security with a good set of rules and insure your clients keep their scripts up2date
     
    #2 dalem, Oct 9, 2006
    Last edited: Oct 9, 2006
  3. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Zone-H does not do the defacing, they track information related to computer crimes (i.e. defacements) Zone-H is neither responsible for the reported computer crimes nor it is directly or indirectly involved in them.
     
  4. codegirl42

    codegirl42 Well-Known Member

    Joined:
    Mar 9, 2006
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
    does anyone have a good set of rules that i can borrow??!
     
  5. codegirl42

    codegirl42 Well-Known Member

    Joined:
    Mar 9, 2006
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
    I think this was the hack....not sure...

    62.194.10.83 - - [08/Oct/2006:14:38:17 -0700] "GET /psychic_powers.cfm?dn=countryvillagestore.com&cid=2b95a00981&nft=1&sp=1&t=4&p=4 HTTP/1.1" 404 -


    or maybe:

    208.254.45.254 - - [08/Oct/2006:16:04:16 -0700] "\x80@\x01\x03" 501 -
    208.254.45.254 - - [08/Oct/2006:16:04:23 -0700] "\x80@\x01\x03" 501 -
    24.193.137.213 - - [08/Oct/2006:21:32:06 -0700] "\x16\x03" 501 -
    24.193.137.213 - - [08/Oct/2006:21:45:37 -0700] "\x16\x03" 501 -


    i wish i knew wht the heck this all meant...:(
     
  6. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
Loading...

Share This Page