Renegade
19.06.2007, 13:30:26
Download scripts inherently need less restrictive permissions in order to be operable (namely, world write permissions). In addition, software is not perfect, and especially open source internet scripts are often exploited. This latter situation happened to us last time we used a download script - I believe we found a few hundred megs of warez (some japanese anime series episodes, I think), and a .php that allowed the attacker shell access to the server. In fact, when I removed the attacker's script, a new one appeared the next day - so we were not only exploited, but actually actively monitored.
Our host's reaction? Instead of helping us catch the offender and securing the machine, they declared our server would never count as "secure" again, because nobody knew what exactly was installed.
The FTP method may have the drawback of not giving out stats or pretty description pages, but at least it's more or less secure. I'd rather not have to pay for terabytes of traffic used up by ripped DragonBall Z episodes or something.
Our host's reaction? Instead of helping us catch the offender and securing the machine, they declared our server would never count as "secure" again, because nobody knew what exactly was installed.
The FTP method may have the drawback of not giving out stats or pretty description pages, but at least it's more or less secure. I'd rather not have to pay for terabytes of traffic used up by ripped DragonBall Z episodes or something.
Forum Rules
(01.06.2011, 05:43:25)kenosis Wrote: Oh damn don't be disgraced again!
(25.06.2011, 20:42:59)Nighthawk Wrote: The proverbial bearded omni-bug may be dead, but the containment campaign is still being waged in the desert.