C
ctek
Guest
we have taken over a plesk 8.0 machine from a customer. its seems to be a pain in the *** concidering security. since we have taken over the machine, we had several script kiddies, pishers etc. on the machine.
the latest attack was some script in /var/temp folder (udp flooding script) called andos.txt together with some tar file iceBNZ.tgz.
the script seems to be executed by some php or perl script. we have removed the script and look for any security whole now in plesk modules.
the OS is a debian linux stable version with no external module support kernal.
any hints or tipps
1) to improve security in plesk (perl/php/apache)
2) how the script and tar file got to the /var/temp folder ?
thankx
the latest attack was some script in /var/temp folder (udp flooding script) called andos.txt together with some tar file iceBNZ.tgz.
the script seems to be executed by some php or perl script. we have removed the script and look for any security whole now in plesk modules.
the OS is a debian linux stable version with no external module support kernal.
any hints or tipps
1) to improve security in plesk (perl/php/apache)
2) how the script and tar file got to the /var/temp folder ?
thankx