Microsoft
Software
Hardware
Network
Question : Server has been compromized: psyBNC and eggdrop
Hi All,
My freeBSD server has been compromised; I have found a few instances of implanted directories with the standard IRC stuff: psyBNC and eggdrop. I have removed all these files and also disabled IRC ports. What can I do to prevent it in the future?
what I have done:
1) run chkrootkit and rkhunter - nothing has been found
2) checked all the processes ps -efl (nothing bad)
3) removed implanted crontab for psyBNC
what else can I do?
how can I prevent uploading foreign files and creating directories? users on my server do not have ftp access, so it could be done only via web interface.
How can I add .htaccess to prevent creating directories, for example? (the 1st remedy that comes to my mind)
Please, advise
Answer : Server has been compromized: psyBNC and eggdrop
Hi!
There are many things you could do to secure your system.
One idea is to google for "freeBSD security checklist".
http://www.freebsd.org/doc
/en_US.ISO
8859-1/boo
ks/handboo
k/
security
.html
Regards
Random Solutions
XP Home File Sharing Continual Failures
connection refused. ip name lookup failed
Using NETDOM to rename PC, User Name cannot be found
BGP firewall
ping failing on 2nd hop
cpanel setting up Email Authentication, error about domainkeys and SPF
Subnetting
Kilo Convertor Window Class
Cisco 1721 wr mem not saving
Possible to make a Pre-Shared Key optional in Cisco Aironet 1231G
