IIS Server Security - Re: FTP Hacked - How does this happen?

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > July 2004 > Re: FTP Hacked - How does this happen?





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: FTP Hacked - How does this happen?
Milton F. Lopez

2004-07-02, 9:23 pm

My fully patched, firewall-enabled, VirusScan-and-PestPatrol running Windows 2003 was tagged twice this week. The tagger's directories were owned by the IUSR_ account, which has not write access to the ftproot folder.
I found this link to a disturbing report about IIS6/ASP holes:
http://xforce.iss.net/xforce/xfdb/12687
I am no forensics expert, and have limited resources to explore this - in other words, the server is still running (so far the tagger hasn't come back).
Any specific suggestion on what to look for would be much appreciated.
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com