Re: Server injection attack
On Jul 10, 12:10 pm, Mike Bird <mgb-deb...@yosemite.net> wrote:
> On Monday 09 July 2007 20:05, rocky wrote:
>
> > Thank you very much for your reply! Yes all of the rest are getting a
> > 403 response. The problem is that the log files are sending over by
> > FortressITX Abuse Dept. They are complaining our server is used to do
> > injection attack against other servers.
>
> > Can any of you help me please?
>
> Rocky,
>
> Turn the server off. With someone else controlling your server, you
> have no idea what it is doing, who it is attacking, or what private
> information it is giving away. Depending upon your jurisdiction, you
> may be legally liable for your server's attacks on others. It's almost
> certainly attacking a lot more than just FortressITX. Turning the
> server off may be unpleasant but all of the alternatives are worse.
>
> Then find someone knowledgeable and trustworthy to see what can be
> done, which will probably require a wipe and reinstall. When you
> reinstall, be sure that everyone uses different passwords and keys,
> as your current passwords and keys are compromised.
>
> --Mike Bird
>
> --
> To UNSUBSCRIBE, email to debian-user-REQU...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hey Mike,
Thank you very much for your help! Are you meaning someone has been
controlling our server? If we are going to reinstall the server, we
will need to use the backup to restore the websites hosted on our
server. Does the back up will make the new installation of the server
vulnerable?
Thanks a lot in advance!
Blessings,
Rocky
Reply to: