Microsoft
Software
Hardware
Network
Question : Server has been compromized: psyBNC and eggdrop
Hi All,
My freeBSD server has been compromised; I have found a few instances of implanted directories with the standard IRC stuff: psyBNC and eggdrop. I have removed all these files and also disabled IRC ports. What can I do to prevent it in the future?
what I have done:
1) run chkrootkit and rkhunter - nothing has been found
2) checked all the processes ps -efl (nothing bad)
3) removed implanted crontab for psyBNC
what else can I do?
how can I prevent uploading foreign files and creating directories? users on my server do not have ftp access, so it could be done only via web interface.
How can I add .htaccess to prevent creating directories, for example? (the 1st remedy that comes to my mind)
Please, advise
Answer : Server has been compromized: psyBNC and eggdrop
Hi!
There are many things you could do to secure your system.
One idea is to google for "freeBSD security checklist".
http://www.freebsd.org/doc
/en_US.ISO
8859-1/boo
ks/handboo
k/
security
.html
Regards
Random Solutions
domain admin and domain user accounts are being locked out
Copy DNS?
how to rdp through two routers on a segregated network
Cisco CTIOS Cannot log in - timeout error
Mapping drives with Net Use
Assign MAC address to DHCP Reservation
E-Books on Mobile Programming
Using static pulic IP on a NAT netowork - Cisco router
Any Alternate for Hyperterminal
IPP Linksys wireless Print server
