C99Shell :: Protect My Server For Shell Attacks Via C99 And H57?
Sep 1, 2008
I have few scripts, but hackers again upload at some way c99, and hack some SMF forums at server. Server like server they cannot hack, but user account they can. So please tell me what you advice?
View 6 Replies
ADVERTISEMENT
Aug 15, 2008
how i can detect and disable C99 shell and another shell script exp:r57 ....
View 9 Replies
View Related
Oct 19, 2007
Is there a way to stop them totally? i.e. even though they are successfully uploaded but I do not want the source to be available to them etc.?
I mean, is there a way to hide or not allow them to execute any shell?
View 7 Replies
View Related
Apr 11, 2009
some body attacking on my server and changing my users profile name /password or any other information so How To Protect MySQL Database From My SQL Injection Attacks? i have dedicate server i provide free wap sites to people with wildcard dns system and i have ConfigServer Security & Firewall installed.
View 3 Replies
View Related
Jul 13, 2008
Recently my site was defaced, (i own a dedicated server), my server was not touched, but one of the applications I used on the site was exploited to gain access to it.
I have noticed 4 or 5 c99 shells in different locations on my ftp. The site is back online, but it's definitely possible that they have one of these hidden somewhere and that they'll just do it again. I am using cent os 5
How can I easily search for these on my box? Can I disable their functionality? is there setting I can use in htaccess or something to make my website safer? I visited one of the scripts, and it said SAFEMODE OFF, how can I at least enable safemode?
I don't know much of anything about linux, but I am running cpanel and WHM. I have a guy who manages my box but he is hard to get a hold of sometimes, and I'd like to take care of this ASAP!
View 6 Replies
View Related
Oct 22, 2009
how to protect an linux dedicated server from bot attack. Im using linux server with cPanel, using CSF firewall + DOS Deflate.
View 5 Replies
View Related
Oct 11, 2009
I can see lot of MSSQL Server attacks. In event viewer "Login failed for user 'sa'. [CLIENT: Some IP]"
Most of the attack coming from Chaina. Tipically what I'm doing manually is get that entire IP range and block from Windows Firewall level.
Now I have plenty of blocked IP ranges all over the world.
What would be the best way to avoid from those kind of attacks ?
View 6 Replies
View Related
Apr 30, 2008
there are some game types out there that are not protected from any type of udp flood attack. I have been doing a lot of work (my servers are linux) and blocked this by coding a bash script running every second checking tcpdump for the amount of current UDP connections and blocks the ip witch has more than a certain number of current UDP connections. This works perfeclty, but it firewalls the ip AFTER the attack started.
I am really interested into blocking this attack fully. Limiting the number of current connections (UDP) from an ip to a certain amount to block this attack totally. I have been looking around a lot and have had no luck. From what I have found, there is no way to do this with iptables or ipchains. It is possible for TCP though, but I could not find it for UDP. Could anyone help me out here.
Just to let you know, I do run a firewall, but it would never pick up this type of attack unless it was major. This is more like a game type bug (firewall thinks the packets are fine, player packets going to the game server).
View 13 Replies
View Related
Apr 6, 2009
how to protect Windows server from Mpack?
View 1 Replies
View Related
Aug 14, 2008
How to protect a folder in cpanel server without using slash
View 4 Replies
View Related
Jun 25, 2008
today i have DDos Attack in my server in port :80
what is the better way to secure my server from DDos Attack
View 14 Replies
View Related
May 31, 2008
Background (so you know what I am planning)
I will be storing personal customer information in mysql, so security is driving all my requirements. I was thinking the architecture will be :-a dedicated web server within a DMZ and placed behind a firewall and border router.
a dedicated database server inside the internal network behind another firewall,
All running Linux
building out and management of the servers to be done by hosting provider or third party
Please feel free to comment on this setup.
QuestionsIs a reverse proxy a benefit for security.
Am I right in saying that a reverse proxy hides the OS and server details from prying eyes and provides another layer of security
if a reverse proxy server is a benefit, is it normally the default architecture at most reputable hosts.
View 0 Replies
View Related
Dec 22, 2007
I got my game servers hosted on a windows server (with w2k3).
I want to know what software u guys advise me to use on it to protect it!
Someone told me that keep windows up to date wont get me any problem, but i just dont believe.
SO i want oppinion from wht members.
And since im here i want to report other thing... For an email service? Windows mail server, or something like exchange mail server?
View 13 Replies
View Related
Jan 15, 2007
Is it possible to do it through a standard FTP package?
View 2 Replies
View Related
Feb 19, 2014
Is there a way to protect apache server from overload? For example Nginx has a module called SysGuard when system load or memory use goes too high all subsequent requests will be redirected to the URL specified by the 'action' parameter.
View 1 Replies
View Related
Mar 25, 2008
I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?
View 5 Replies
View Related
Dec 6, 2008
i am getting hundreds of theses in my mail log each day, trying different names etc and want to put a stop to them and auto ban the ips.
I have APF
View 2 Replies
View Related
Jul 3, 2007
I have dedicated server at GoDaddy and I am hosting very important web service for our company. We have only one HDD on server and no FTP backup. What is the best method to protect data and whole server from HDD crash? Is it enough to add second HDD?
View 8 Replies
View Related
Jul 4, 2014
how to protect Linux Server from Ddos Attack (Botnet, Loic)
View 2 Replies
View Related
Jul 8, 2008
Do any1 know how to change jail shell to normal shell?
View 14 Replies
View Related
Mar 4, 2007
i did make a big message on here but it deleted when i back spaced
my website is aviation cafe dot net / sample and i need you to help me with password protecting a webpage, i wanted the address to be / the silver sword and definitly not to look like it does now.
username: webforum
pass: password
View 4 Replies
View Related
Jul 30, 2009
I found these folders in the root
/usr/bin/c99
/usr/include/boost/numeric/interval/detail/c99_rounding_control.hpp
/usr/include/boost/numeric/interval/detail/c99sub_rounding_control.hpp
what are these ? is it normal folders ? or somebody hacked our server?
what shall I do?
View 10 Replies
View Related
Jul 1, 2009
I just installed zen cart on my webhosting and after few days later i saw some file written like core1405.php and when i open to view the file it is actually trojan c99shell.
I have deleted all of the core file. Now how can i prevent it from happen again? Cause it is too much work to clean up the hosting server.
View 14 Replies
View Related
Nov 5, 2009
How to stops the scripts like c99 shell from installing into the server?
View 1 Replies
View Related
Jun 5, 2007
I installed modsecurity from Addone module in Cpanel
When I try to apply phpshell woork good without a mistakes and I can do anything despite of the presence of protection modsecurity and disable_functions in php.ini.
Is there a particular settings add to the httpd.conf to prevent application phpshell or prevent upload it to the site?
View 14 Replies
View Related
Jun 25, 2007
guys im tired off fighting those hackers everyday! i have about 20 websites,and everyday i have one of them hacked! i restore a backup then another one hacked!
thats unbelivable!!!
those bastards upload there shell scripts to websites via bugs or whatever from php files!!
is there anyway to stop these commands?
can .htaccess helps? how?
i talked to my webhosting companies for my websites! ....
View 10 Replies
View Related
Sep 3, 2007
the biggest security issue i have with my clients is php c99 shell and similar php files, somehow these files uploaded on the website and from here they start attacking the websites.
i have seen also that once you upload the c99 php file you are able to see the accounts information ( such as a user name ) on the same server
so is there any way to disable this kind of php file or at least disable some function within the file!
i have been thinking to install and run a antivirus on the server , but i see sometimes they upload the encrypted version of the file , so the antirus can't catch the file as a torjan!
View 14 Replies
View Related
Jul 28, 2009
How I can secure my server from vulnerabilities and threats and ddos attack? How can I find my server is compromised or hacked?
Which ports I should check, what commands I should fired on shell prompt? which softwares you will recommend.
View 14 Replies
View Related
Oct 3, 2007
i want to prevent c99shell scripts from running.
I found this rule to detect URI's for the c99 shell.
#new kit
SecFilterSelective REQUEST_URI "/c99shell.txt"
SecFilterSelective REQUEST_URI "/c99.txt?"
My problem is that the hackers are being more stealthy and calling the
script some random name like .../myphpstuff.php. So the URI no longer helps detect it.
How could I detect "c99shell" in the actual file that apache servers? This assumes that the hacker was successfully in installing it.
my box
Apache 1.3.37
WHM 11.2.0 cPanel 11.11.0-R16983
FEDORA 5 i686 - WHM X v3.1.0
View 3 Replies
View Related
Dec 16, 2007
One of our customers uploaded C99Shell script on my server, and he can access to another accounts,
I upgraded php to 5 but he can access with this script to another accounts yet, what should I do to disable this script or other one?
View 14 Replies
View Related
May 20, 2008
i have server and i want to do shell scan and delete the shell
View 4 Replies
View Related