| Posted by BrockStone, 08-20-2008, 01:15 AM | | So I've been using a dedicated server for some time. These phishing sites keep coming up and I dont know how. It seems to be on the 777 directories, but not all of them have upload scripts in them. Is it possible for someone to write to a directory through apache? I'm totally confused.
|
| Posted by cristibighea, 08-20-2008, 01:20 AM | | It's probably SQL injection done on scripts that are vulnerable to such attacks, you should try to keep your scripts updated to their latest versions and avoid using outdated ones which are no longer being developed.
|
| Posted by TheITAdvisory, 08-20-2008, 08:08 AM | | You should hire a professional security audit team to provide a pen test on your server.
|
| Posted by webcertain, 08-20-2008, 08:11 AM | | err, you do know what 777 means , right ?
it means anyone can write to them.
so they can write any files they want from the web onto your server's folders that have that set.
therein, lies your problem.
However, now you've been compromised once, i'd recommend doing what TheITAdvisory suggested.
|
| Posted by jalapeno55, 08-20-2008, 03:22 PM | | What are you talking about? No they can't. Its only accounts on his server that would be able to do it. There is no way of doing it remotely from the web (unless there is a vulnerability on the server or on one of the scripts on the server). And since its his dedicated server its only his own accounts on there.
If you were corrected, I would be able to upload a root kit to ebay's folder where they store all their images for peoples products.
|
| Posted by TheITAdvisory, 08-20-2008, 03:24 PM | | If there are any scripts in that directory, are they not also 777?
777 means full rwx permissions for all, You see if you were to chmod o+rwx that would give others, or all other accounts full read, write, execute permissions. meaning that anyone outside of the owner:group would be able to write to it, thus, anyone, apache, users, what ever. You should never make a folder or directory full 777 and be web accessible.
Last edited by TheITAdvisory; 08-20-2008 at 03:28 PM.
|
| Posted by brianoz, 08-28-2008, 11:23 AM | | In fact, if you use suphp you'll never again need to make a folder 777 as any script will already have write access.
|
|
 Add to Favourites
 Print this Article
|
