Go Back   Computer Forums > Web Design | Website Development > General Hosting
Click Here to Login
Join Computer forums Today

Thread Tools Search this Thread Display Modes
Old 04-01-2006, 06:45 PM   #1
Beta Member
Join Date: Apr 2006
Posts: 1
Default Server Exploits

I have a dedicated server using linux and apache that is being exploited by someone using it to relay spam. They have been able to exploit the server via a php formmail script I have been using. I have this script running on dozens of web sites, so changing the script is not the solution. I have since installed a robots.txt blocking these files from being picked up by the spam robots.

I also get messages like this about a virus from one bogus alias on my domain to another bogus alias:

This is a message from the MailScanner E-Mail Virus Protection Service
The original e-mail attachment "information.zip"
was believed to be infected by a virus and has been replaced by this warning

If you wish to receive a copy of the *infected* attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.

At Sat Apr 1 10:56:49 2006 the virus scanner said:
ClamAV Module: information.ht.scr was infected: Worm.Mytob.CA
MailScanner: Windows Screensavers are often used to hide viruses (information.ht.scr)

Note to Help Desk: Look on the WebDesign MailScanner in /home/virtual/site16/fst/var/spool/mail.quarantine/20060401 (message k31IuZrQ005959).
MailScanner thanks transtec Computers for their support

Unfortunately I am a designer and not a programmer so I know next to nothing about how to go about solving this problem and my mail and server are going down too often. I have talked to my server guys but they don't seem to know what do to about it. Can someone recommend a plan of action for me to take to stop this from happening once and for all?

Thank you!

marinajc is offline   Reply With Quote
Old 04-04-2006, 04:24 PM   #2
Daemon Poster
Hackslayer's Avatar
Join Date: Feb 2006
Posts: 819
Default Re: Server Exploits

ok you confused me throughout the whole thing you got a virus did you delete, that virus ? you should report these people that are spaming and block there ip i'm not sure what this about but it sounds more like a security question. please explain a little better.

life is a fight, rest is for the dead so fight til you've earned rest: I'm watching you you know who you are
Hackslayer is offline   Reply With Quote
Old 04-17-2006, 03:38 PM   #3
Daemon Poster
uid=[0]'s Avatar
Join Date: Apr 2006
Posts: 906
Send a message via Yahoo to uid=[0]
Default Re: Server Exploits

what OS are you using? Name/Brand/Version same with apache
"Security is nothing more than a thought that makes you sleep well at night." - Me
Wireless Network Security Spec.
uid=[0] is offline   Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT -5. The time now is 12:36 AM.

Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0