Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Thread Tools Display Modes
  #1   (View Single Post)  
Old 6th June 2009
rtwingfield rtwingfield is offline
Real Name: Ron Wingfield
Port Guard
Join Date: Oct 2008
Location: Little Rock, AR USA
Posts: 36
Default Dark Mailer dm.cgi

Having run Apache on a FreeBSD box since January 2002 with no serious hacks, I've recently been hacked by someone who installed Dark Mailer (dm.cgi) . . .what a pain in the "reverse lookup".

I've started this thread as a "place holder" for anyone who might have some experience dealing with this sort of thing.

FYI, here's a WikipediA link: http://en.wikipedia.org/wiki/Dark_Mailer

Apparently, the culprit hacked my FreeBSD userid and installed the Dark Mailer system in a cgi-bin directory. I confess . . .I was experimenting with making mysql available from a website and mysqld was running without a password for a day or two (my mistake). Also, I found some "apache" logs where I had inadvertently used my FreeBSD password rather than the password from .htpasswd regarding a webpage .htaccess passwd, and since the server is not running SSL, the passwd was very obvious. (We're going to step up to the plate and purcha$e the certification.)

I'm interested in suggestions regarding latest firewall technology, etc. to guard against this sort of hack.

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Your favourite mailer graudeejs General software and network 25 4th August 2008 10:28 AM

All times are GMT. The time now is 06:37 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick