Posted by Raj Shekhar on 08/27/05 10:12

Shafiq Rehman <rehmanms@gmail.com> writes:

> Hi all,
>
> Thanx to all of you. My server is running on Linux and there is not any
> phpbb running on it. If vulnerability is in my code.. Is there any way that
> I can find the buggy code on my server which allowed that trojan to write
> into all the index files.
>
> I analyzed the apache logs but did not found any thing wrong. My server is
> protected with firewar and only port 80 is opened.

- If you have a backup of your data (which was taken before you detected
the crack on your server), it would be a good idea to reload linux on
your box and populate it with the sane data.

- How did you analyze your apache logs ?

- Check out
http://public.yahoo.com/~radwin/talks/one-year-of-php-oscon2003.htm
especially the "security" part.

--
Raj Shekhar
blog : http://rajshekhar.net/blog home : http://rajshekhar.net
Disclaimer : http://rajshekhar.net/disclaimer

• Next in forum: [suspicious - maybe spam] Re: [suspicious - maybe spam] Need advice or code
• Prev in forum: Re: [PHP] PHP CMS
• Thread view: Re: php vulnerability

[Reply to this message]