[LINK] Mass Infection of IIS/ASP Sites plants malware on thousands of webpages
Stilgherrian
stil at stilgherrian.com
Thu Jun 10 17:24:28 AEST 2010
On 10/06/2010, at 5:15 PM, Rick Welykochy wrote:
> For a while, whenever I received a phishing email I used to check what
> kind of web server was used for the exploit. Every time, it was an Apache
> web server running on Linux, and more times than not with (insecure) PHP
> installed. There are many vectors of intrusion into *nix boxes, often via
> software frameworks installed on top of the web server, e.g. Wordpress
> on Apache as but one example. If you are on the security notification
> lists you will know what I am talking about.
>
> Conclusion: unless you or your admin is wary and knows what they are
> doing, your server can probably be hacked with ease.
A +1 on that from me.
I was only reading today that the majority of folks breaking into websites do so not thru vulnerabilities in the web server or operating system, but through poorly coded websites in whatever language on whatever platform. That might be bespoke code by a "web designer" who has little clue about secure software development practices, or through a content management system (CMS) which was installed when the website was built but never updated since.
Stil
--
Stilgherrian http://stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 8569 2006
Twitter: stilgherrian
Skype: stilgherrian
ABN 25 231 641 421
More information about the Link
mailing list