Quote:
Originally posted by Tino
thought so. Thanks.
Guess ill name my scripts something like klj354l5n5f.cgi from now on.
|
always a good idea if possible!
Would you please post a full list if the files/paths they were looking for Tino?
Also, can you see if each attempted connect is from the same IP? Could be a small chance this person uses a real IP when simply checking sites for known script names like that.
Quote:
The most common hack right now is the additonal or installation of a 1X1 frame on the bottom of TGPs. That frame loaded a toolbar / malware as well as other "features" that you don't want. It uses a known hack to install on IE without permission and without notice.
Keep your eyes open.
Alex
|
Anyone who has seen this and can let us know of filenames used or a unique string in the code added to pages please do... to help me scan my servers for it.
Also, does anyone know how this person is gaining access yet? via an insecure script like Tino was being scanned for maybe?
2004-09-09, 08:52 AM
Threaded Mode