[GeoStL] hack info

• From: "Mike Griffin" <griff@xxxxxxxxxxxx>
• To: <geocaching@xxxxxxxxxxxxx>
• Date: Sat, 27 Aug 2005 18:21:55 -0500

Here's whats up....

 This happened to us in February... the hackers used a security hole in phpBB2. 
I had to replace the index files for 120 sites from our nightly backup. After 
updating to the latest PHP and additional packages, the server is safe again.

You should have a look through your Apache log files. Search for 
"system(chr(101)" or "echr". Usually these kind of requests indicate an attack.

You might want to secure your server using something like mod_security: 
http://www.modsecurity.org 

Mike

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription