nanog mailing list archives

Re: Malicious code just found on web server


From: Paul Ferguson <fergdawgster () gmail com>
Date: Mon, 20 Apr 2009 10:52:57 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Apr 20, 2009 at 10:40 AM, Nick Chapman <nicknetworks () gmail com>
wrote:

> On Mon, Apr 20, 2009 at 12:47 PM, Neil <kngspook () gmail com> wrote:
>
>> But if you figure out how they got write access to a static website, I'd
>> love to hear it.
>
> Compromised FTP credentials would be my guess.  They can be obtained
> by brute force attacks or credential stealing trojans.


Yeah, it could have been any number of ways -- there has also been a huge
increase of SSH brute-force attacks in the past few weeks:

https://isc.sans.org/diary.html?storyid=6214

- - ferg


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFJ7LZrq1pz9mNUZTMRAvjkAJ9FLDn/KsLDrW9uIveQEw23ojaFbQCg7T6C
LZo3kISAfgBAfdbRSgUd878=
=vQAP
-----END PGP SIGNATURE-----


-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

