On Nov 9, 2007 5:48 PM, robert mena <[EMAIL PROTECTED]> wrote:
> Hi Daniel,
>
> According to the audit this happened yesterday.
>
> I am searching astalavista but could not find anything, probably
> because I am being too specific.
>
> From the php side (or closely) what steps would you recommend i
That's an old SPAW exploit. Google (gotta' love how that's a verb
now) for `spaw exploit` and the first result is MARC.
[NOTE: All previous text cleared because this is the THIRD time
I've sent the message after Mailman rejected it twice due to URLs in
log inclusion.]
--
Daniel P. Brown
> >The person doing this seems to be relatively new to the scene,
> > only defacing websites with common vulnerabilities that you can find
> > anywhere on the Internet (http://astalavista.box.sk/ for example).
> > Check out Zone-H (http://www.zone-h.net/) to see if your domains are
> > on th
me, too this would be interesting
bastien> Date: Fri, 9 Nov 2007 09:01:09 -0600> From: [EMAIL PROTECTED]> To:
[EMAIL PROTECTED]> CC: [EMAIL PROTECTED]; php-general@lists.php.net> Subject:
Re: [PHP] Help securing a server : Owned by W4n73d H4ck3r> > On 11/9/07, Daniel
Br
Me too.
Guess a lot of us can learn something here from another's misfortune.
Thanks Robert and good luck
On 09/11/2007, Edward Kay <[EMAIL PROTECTED]> wrote:
>
>
> >
> > I'd be interested in reading this thread. OK with me to keep it
> > on the list.
> >
>
> Ditto.
>
> --
> PHP General Mailing L
On Nov 9, 2007 10:48 AM, robert mena <[EMAIL PROTECTED]> wrote:
> Hi Daniel,
>
> According to the audit this happened yesterday.
>
> I am searching astalavista but could not find anything, probably
> because I am being too specific.
>
> From the php side (or closely) what steps would you recommend
Hi Daniel,
According to the audit this happened yesterday.
I am searching astalavista but could not find anything, probably
because I am being too specific.
>From the php side (or closely) what steps would you recommend in order
to have a better security?
I could not find a consistent 'list' of
On Nov 9, 2007 10:05 AM, robert mena <[EMAIL PROTECTED]> wrote:
> Hi Daniel,
>
> Thanks for the reply.
>
> I agree that there are steps that go outside php scope (chroot apache
> etc) but I think this partially belongs to this list specially since
> google shows that the same message (perhaps a cop
>
> I'd be interested in reading this thread. OK with me to keep it
> on the list.
>
Ditto.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi Daniel,
Thanks for the reply.
I agree that there are steps that go outside php scope (chroot apache
etc) but I think this partially belongs to this list specially since
google shows that the same message (perhaps a copycat?) appears in
tons of sites.
I was hoping that someone already had tips
On 11/9/07, Daniel Brown <[EMAIL PROTECTED]> wrote:
>
> On Nov 9, 2007 9:27 AM, robert mena <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > One server that hosts several domains ended up with the message "Owned
> > by W4n73d H4ck3r".While still performing an audit I am very
> > confident that this w
On Nov 9, 2007 9:27 AM, robert mena <[EMAIL PROTECTED]> wrote:
> Hi,
>
> One server that hosts several domains ended up with the message "Owned
> by W4n73d H4ck3r".While still performing an audit I am very
> confident that this was caused by a php script (it is a linux server)
> uploaded via FT
12 matches
Mail list logo
