Shafiq Rehman wrote:
My server was hacked last week and the message displayed on home page was
"spy kidz owns your server". I researched on internet and found that this is
some kind of trojan which infects the *.index files. It penetrate from HTTP.
Some paople were saying that there is vulnerability in PHP. Please help how
can I protect my server from further attacks.
You need to provide more detail. Do you mean index.* files?
Have you looked in your server logs to see if they left any tracks?
What applications are running on your server? There have been some
recent XMLRPC vulnerabilities affecting a large range of PHP
applications. IMHO the vulnerability is much more likely to be in an
application built in PHP than in PHP itself.
Do you run a firewall on your server? Which ports remain open?
Jasper
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
