Re: Help with cgi script attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Help with cgi script attack
From: John Summerfield <debian@xxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 19 Mar 2006 20:25:15 +0800
In-reply-to: <441B39E6.10868.2040B8B@xxxxxxxxxxxxxxxxx>
References: <441B39E6.10868.2040B8B@xxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0RC1 (X11/20050416)

Knute Johnson wrote:

I need some help finding the correct place to go to get specifichelp. We have a script that uses sendmail to send form data to thesite owner. Last night somebody managed to use it to send thousandsof spam emails. I need to find the right place to ask about thescript to determine exactly how the attack was accomplished so we canfix the script. Any direction would be greatly appreciated.
Thanks,


If you don't know the wcript being used, read the apache logs.

Especially, read what logwatch has to say. I read daily about attemptsto misuse my sites.

You could also use iptables to prevent outgoing email until you haveidentified and fixed the problem. Any inconvenience to your users isnothing compared with what happens when you're taken off the 'net.

References:
- Help with cgi script attack
  - From: Knute Johnson

Prev by Date: Re: redhat entreprise or FC
Next by Date: Re: Help Please Can I reinsall FC 2 without losing my data
Previous by thread: Re: Help with cgi script attack
Next by thread: Anyone could link to http://kernelnewbies.org?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux