Exorcist on my server

Forum Moderators: phranque

Message Too Old, No Replies

Exorcist on my server

morpheus83

6:31 am on May 14, 2004 (gmt 0)

I have my website running on a Win 2003 server. I use Microsoft FTP for uploading etc. Recently while taking back up of my website I was shocked to see a large file named Exocist DVD RIP it seems someone has uploaded it to my server. Is there any way to stip such things from happening.

Essex_boy

9:04 am on May 14, 2004 (gmt 0)

call a priest.

ukgimp

9:30 am on May 14, 2004 (gmt 0)

I think you need to get up on your security

[microsoft.com...]

Leosghost

9:58 am on May 14, 2004 (gmt 0)

I have my website running on a Win 2003 server. I use Microsoft FTP for uploading etc

Ths is your main problem : )

morpheus83

10:08 am on May 14, 2004 (gmt 0)

Should I use some other FTP server and disable Microsoft FTP.

Leosghost

10:58 am on May 14, 2004 (gmt 0)

What I meant was that your primary problem is M$ ..they realease "updates" (which usually result in even more "exploitables" ) ..more frequently than most people change their socks ....
Microsoft dont do "security" ..Microsoft do "code"..and "product"....
This may be a silly question but is this in your "public" or "private" FTP area ....cos if the former ..just delete and secure the area by shutting it off if you dont want people to be able to upload to it ....other wise some kind soul will no doubt start dropping off childpron in there and you will be held legally responsible ...

morpheus83

11:46 am on May 14, 2004 (gmt 0)

Can I turn off the MS FTP when I dont upload and turn it on using Terminal Services when I want to upload.

SEOMike

6:31 pm on May 14, 2004 (gmt 0)

Here's a thought...

Do you allow annon. FTP connections? Might help if you limit it to authorized users only.

Leosghost

9:27 pm on May 14, 2004 (gmt 0)

Do you allow annon. FTP connections? Might help if you limit it to authorized users only

's what I said!

Why on earth would you ever give anyone else the possibility to upload files on your server ...?

Are they gonna go to jail for you ...?
You are responsible legally for what is on your server ...wether it's what you put there or what someone else did .....
If there is any illegal matter of any sort found by police on your server ..you may and probably will go to jail...
"authorized" users are people who you must trust with your life (sentence) ....
Public access ftp upload ( wether authorized access or anon ) area is where other people can put your nightmares ...: o

asquithea

11:09 am on May 15, 2004 (gmt 0)

Call a priest

Surely he's got a priest already -- the problem is that he's also got a demon and a little girl with a propensity for projectile vomiting ;-)

It's far more likely that your server is poorly secured than the source code being exploited. Definitely one to fix -- these files can cost you a fortune in bandwidth.

morpheus83

12:24 pm on May 15, 2004 (gmt 0)

Yes already 800 Gb of my bandwith is used up. What I have done is Turned on Internet firewall provided by Windows and in MS FTP turned off Allow Anonymous FTP connections. Till now no FTP activity is detected.

ukgimp

3:46 pm on May 15, 2004 (gmt 0)

"IIS lockdown" free tool

wavebird23

3:48 pm on May 15, 2004 (gmt 0)

I agree with the second message, go to microsoft's homepage and find security downloads for your website.