Hacked Web Site
Daniel A.
alive at dienub.org
Fri May 19 03:42:51 PDT 2006
Don O'Neil wrote:
> A customer of mine recently had their web site hacked and the index file
> defaced by Milli-Harekat...
>
> http://www.zone-h.org/en/search/what=Milli-Harekat.Org/
>
> Does anyone know the exploit used for this and where to find out about
> fixing it? I have a feeling it's a brute force attack of some sort, but I
> can't find anything.
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
Hi Don,
Please look in your auth.log (Usually in /var/log) to check for recent
failed log attempts, and your httpd-*.log (Usually /var/log unless
specified otherwise in your httpd.conf files)
If you find something suspicious, please paste the relevant lines. I
suggest *not* attaching the entire log files, as they may contain
sensitive data in form of IP addresses and valid usernames.
More information about the freebsd-questions
mailing list