Microsoft
Software
Hardware
Network
Question : Server has been compromized: psyBNC and eggdrop
Hi All,
My freeBSD server has been compromised; I have found a few instances of implanted directories with the standard IRC stuff: psyBNC and eggdrop. I have removed all these files and also disabled IRC ports. What can I do to prevent it in the future?
what I have done:
1) run chkrootkit and rkhunter - nothing has been found
2) checked all the processes ps -efl (nothing bad)
3) removed implanted crontab for psyBNC
what else can I do?
how can I prevent uploading foreign files and creating directories? users on my server do not have ftp access, so it could be done only via web interface.
How can I add .htaccess to prevent creating directories, for example? (the 1st remedy that comes to my mind)
Please, advise
Answer : Server has been compromized: psyBNC and eggdrop
Hi!
There are many things you could do to secure your system.
One idea is to google for "freeBSD security checklist".
http://www.freebsd.org/doc
/en_US.ISO
8859-1/boo
ks/handboo
k/
security
.html
Regards
Random Solutions
Eclipse - Java - code format
Disabling NetBIOS over TCP/IP - cannot browse network
Cisco VOIP Contact Center - Recording
Splash page before allowing users to access toe internet
VLAN confusion (on Dell 5324 switch)
ICMP Fragmentation
VOIP * Static VPN from Home to a Pix 515 or Windows VPN Server
How can I reserve address ranges?
Issues with Receiving EMAIL
GoDaddy PHP Mail Script