Re: FTP Hacked - How does this happen?

Web Server Talk > Web Servers reviews > IIS server support > IIS Server Security > Re: FTP Hacked - How does this happen?

Last Thread Next Thread Next

Re: FTP Hacked - How does this happen?

Milton F. Lopez

07-03-04 02:23 AM

My fully patched, firewall-enabled, VirusScan-and-PestPatrol running Windows
 2003 was tagged twice this week. The tagger's directories were owned by the
 IUSR_ account, which has not write access to the ftproot folder.
I found this link to a disturbing report about IIS6/ASP holes:
http://xforce.iss.net/xforce/xfdb/12687
I am no forensics expert, and have limited resources to explore this - in ot
her words, the server is still running (so far the tagger hasn't come back).
Any specific suggestion on what to look for would be much appreciated.

[ Post a follow-up to this message ]

Most Popular forums

Apache Server	MySQL for Windows	Sendmail
Red Hat Networking	SuSe Linux	Debian Linux
FreeBSD administration	Sun Solaris administration	Unix Shell programming
WebSphere Portal Server	Exchange 2000 administration	PostgreSQL administration
Linux Security	Computer Security	Firewalls

Forum Jump:

Forum Rules:

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF

Medical and Health forum | Computer Games Reviews | Graphics design forum

Automated OffSite Backup	Shopping Cart Software
RAM Memory Upgrades

Syndicate this forum via XML or simple JavaScript feed

Home | Usercp | Faq | Register