The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hacked again... via an very old file?

Discussion in 'General Discussion' started by Parcye, Sep 18, 2009.

  1. Parcye

    Parcye Well-Known Member

    Joined:
    May 19, 2004
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Eindhoven
    Today an account got hacked, an file, ftpchk3.pl was the reason (I think).

    It was a instant hit with FTP and then they uploaded CGI that mass mailed for atleast 20 minutes.

    How can I find all exploits alike?

    How can I try to prevent this?
     
  2. MattCurry

    MattCurry Well-Known Member

    Joined:
    Aug 18, 2009
    Messages:
    275
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Houston, Tx
    Finding Exploits

    Hello,


    This can be a tricky questions, I am not able to really show you how to secure your entire server. However, I can give you a little info on how to find some problems that may be a risk.

    Find All FIles That Are 777

    find / \( -perm -a+w \) ! -type l >> world_writable.txt

    Hope that helps. Files that are 777 can be a security risk, and it is a good place to start. Please let me know

    Thank you,
    Matthew Curry
     
Loading...

Share This Page