Results 1 to 7 of 7
  1. #1
    Join Date
    Mar 2004
    Location
    egypt
    Posts
    24

    my Server Hacked

    Dear all

    Today while i run some commands like ls this error appeared

    segmentation falt

    any way the reason is my server's hacked

    now i reinstall it but my question

    How could my server hack while i have disabled Compilers for unprivileged users

    i admited that i have found cgi-telnet scripts but how could he used it to install rootkit

    plz help me to not falldown again

    Thanks

  2. #2
    Join Date
    May 2006
    Location
    Teh Interweb
    Posts
    314
    Disabling access to your compilers is not nearly enough to ensure your servers security. I would suggest googling something like dedicated server security to get a better starting point for the new machine.

    In most cases that I have seen access to a compiler was not needed. Users can build the binary on a local machine setup the same as your server and then download the new binary. This is if they go this route in the first place. Most of the time it will be something more along the lines of insecure php/perl scripts hosted on your machine that end up giving access.

    Best of luck in the future.

    [[email protected]] ~ $ cat .signature
    cat: .signature: No such file or directory

  3. #3
    Join Date
    Mar 2006
    Location
    New York USA
    Posts
    402
    Usuing a cgi-telnet script or any script running as priv' user could result in the installation of a rootkit or other means of a backdoor. All it would take is a wget commend in the script itself to get and download something remotely, then compile and run it in the system or simply wget the already compiled binary as mentioned. You may want to google chkrootkit or rkhunter, install one of them and scan the server. It would also be in your best interest to have a professional security auditor audit your server for security holes, and help patch them, then again re-scan the server to make sure everything is fine.

    Best Regards,
    -Shaun-

  4. #4
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    How could my server hack while i have disabled Compilers for unprivileged users
    Easily. Compilers are only half the battle. You then have to worry about executables, and the like.

    Security is NEVER as simple as one or two tutorials. It's a day to day trick , and it keeps experts on their toes, because there's always new stuff coming up daily.

    Know your server, know what's going on with it at all times, know what it's telling you, read the logs, understand them, and you'll find yourself in a whole lot better place for security. Better yet, find yourself a competent admin to take a look @ things for you.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  5. #5
    Join Date
    Mar 2004
    Location
    egypt
    Posts
    24
    Many Thanks for clear that

    but could you guide me for How To Secure server
    or some useful links i know that i can search on google but plz i need ur help


    Thanks

  6. #6
    Join Date
    Jun 2004
    Posts
    523
    If you do not know what you are doing administration wise i would recommend contacting a company to complete this for you like rack911.com

    Otherwise there are misc security walk throughs, have a look here:
    http://www.eth0.us/taxonomy/term/10
    http://www.webhostingtalk.com/forumdisplay.php?f=73
    System Administrator

  7. #7
    Join Date
    Mar 2004
    Location
    egypt
    Posts
    24
    Thanks

    I appreciate that

    Thanks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •