Date: Wed, 09 Dec 2009 18:40:17 -0600 From: Squirrel <squirrel@mail.isot.com> To: "FreeBSD-STABLE Mailing List" <freebsd-stable@freebsd.org> Subject: Hacked - FreeBSD 7.1-Release Message-ID: <bd52e0bd614fbaffcf8c9ff9da35286e@mail.isot.com>
next in thread | raw e-mail | index | archive | help
My server was hacked, and the hacker was nice enough to not cause damage except changing index.php of couple of my websites. The index.php had the following info: "Hacked By Top First Warning That's Bug From Your Servers Next Time You Must Be Careful And Fixed Your Site Before Coming Another Hacker And Hacked You Again Sorry Admin And Don't Worry Just I Change Index ALTBTA For Contact : l_9@hotmail.com Best Wishes" Of course, I sent him email, just in case it's valid, asking how he did it or how should I patch things up. But haven't got a reply yet. I've looked at all the log files, particularly auth.log, although there were thousands of login attempts to SSH and FTP, but none succeeded. And I don't know where else to look, please help. I'm using FreeBSD 7.1-Release with below daemons Apache 2.2.11 ProFTP 1.32 OpenSSH 5.1 Webmin 1.480 MySQL 5.0.67 BIND 9.6.0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bd52e0bd614fbaffcf8c9ff9da35286e>