Re: Server injection attack

To: debian-user@lists.debian.org
Cc: rocky <rocky2winnie@gmail.com>
Subject: Re: Server injection attack
From: Mike Bird <mgb-debian@yosemite.net>
Date: Mon, 9 Jul 2007 21:06:57 -0700
Message-id: <[🔎] 200707092106.59491.mgb-debian@yosemite.net>
In-reply-to: <[🔎] 1184036726.894632.76200@o11g2000prd.googlegroups.com>
References: <[🔎] 1184032554.680540.297960@a26g2000pre.googlegroups.com> <[🔎] 20070710024211.GA12121@miami.connexer.com> <[🔎] 1184036726.894632.76200@o11g2000prd.googlegroups.com>

On Monday 09 July 2007 20:05, rocky wrote:
> Thank you very much for your reply! Yes all of the rest are getting a
> 403 response. The problem is that the log files are sending over by
> FortressITX Abuse Dept. They are complaining our server is used to do
> injection attack against other servers.
>
> Can any of you help me please?

Rocky,

Turn the server off.  With someone else controlling your server, you
have no idea what it is doing, who it is attacking, or what private
information it is giving away.  Depending upon your jurisdiction, you
may be legally liable for your server's attacks on others.  It's almost
certainly attacking a lot more than just FortressITX.  Turning the
server off may be unpleasant but all of the alternatives are worse.

Then find someone knowledgeable and trustworthy to see what can be
done, which will probably require a wipe and reinstall.  When you
reinstall, be sure that everyone uses different passwords and keys,
as your current passwords and keys are compromised.

--Mike Bird

Reply to:

References:
- Server injection attack
  - From: rocky <rocky2winnie@gmail.com>
- Re: Server injection attack
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: Server injection attack
  - From: rocky <rocky2winnie@gmail.com>

Prev by Date: Re: Help buying Economic Printer
Next by Date: Re: Qemu and existing windows partition
Previous by thread: Re: Server injection attack
Next by thread: Re: Server injection attack
Index(es):
- Date
- Thread