Microsoft
Software
Hardware
Network
Question : Server has been compromized: psyBNC and eggdrop
Hi All,
My freeBSD server has been compromised; I have found a few instances of implanted directories with the standard IRC stuff: psyBNC and eggdrop. I have removed all these files and also disabled IRC ports. What can I do to prevent it in the future?
what I have done:
1) run chkrootkit and rkhunter - nothing has been found
2) checked all the processes ps -efl (nothing bad)
3) removed implanted crontab for psyBNC
what else can I do?
how can I prevent uploading foreign files and creating directories? users on my server do not have ftp access, so it could be done only via web interface.
How can I add .htaccess to prevent creating directories, for example? (the 1st remedy that comes to my mind)
Please, advise
Answer : Server has been compromized: psyBNC and eggdrop
Hi!
There are many things you could do to secure your system.
One idea is to google for "freeBSD security checklist".
http://www.freebsd.org/doc
/en_US.ISO
8859-1/boo
ks/handboo
k/
security
.html
Regards
Random Solutions
Problems loading wireless NIC for different users.
how to use Unzip.nlm in NW 5.1 sp5
HP ProCurve command line: how to print mac addresses
You must run setup to install new binary files for every server in your farm
Email Dead Man's Switch or Heartbeat monitor
Limiting roaming profile sizes
UBUNTU 8.04 HOW do you set up bind A and MX record, zone?
why can i not map network drive?
How to implement between domains of different forest?
XP admin machine not integrating well with Win2k environment
