• 3591閱讀
  • 42回復

[論壇公佈]發現有2個網頁檔案被插入程式碼問題已修復,用戶請即採取下列措施 [復制鏈接]

上一主題 下一主題
離線ecko
發帖
623
好友元
7839
閱讀權限
3034
貢獻值
0
只看該作者 30  發表于: 2013-05-02
回 freezefox 的帖子
freezefox:定係我地自己都可以攪得掂。 (2013-05-02 21:37) 

呢D 野, 唔想自己搞~ 始終人地先係專家~
離線ecko
發帖
623
好友元
7839
閱讀權限
3034
貢獻值
0
只看該作者 31  發表于: 2013-05-02
回 ecko 的帖子
ecko:呢D 野, 唔想自己搞~ 始終人地先係專家~ (2013-05-02 22:06) 

重有~ 有D 野唔係我地自己可以做到~
離線freezefox
發帖
160018
好友元
326002
閱讀權限
259660
貢獻值
13
只看該作者 32  發表于: 2013-05-02
回 ecko 的帖子
ecko:重有~ 有D 野唔係我地自己可以做到~ (2013-05-02 22:07) 

但頭先你又話你有COCERN?


YFF 已死!!這是 Fantrax 的新時代!!
離線ecko
發帖
623
好友元
7839
閱讀權限
3034
貢獻值
0
只看該作者 33  發表于: 2013-05-02
回 freezefox 的帖子
freezefox:但頭先你又話你有COCERN? (2013-05-02 22:22) 

係有少少concern~
不過佢出到 reset a/c 黎搞我地d server, 咁我不如比佢啦~
離線freezefox
發帖
160018
好友元
326002
閱讀權限
259660
貢獻值
13
只看該作者 34  發表于: 2013-05-02
回 ecko 的帖子
ecko:係有少少concern~
不過佢出到 reset a/c 黎搞我地d server, 咁我不如比佢啦~
[表情] (2013-05-02 22:24) 

RESET 左啦?定係建議咋?


YFF 已死!!這是 Fantrax 的新時代!!
離線ecko
發帖
623
好友元
7839
閱讀權限
3034
貢獻值
0
只看該作者 35  發表于: 2013-05-02
Dear Daniel,
We have already secured your server. Please note several changes have been made in DirectAdmin Control Panel
1) Brute Force Monitor - This is to monitor the past 4 days of Brute Force. Only monitors, it won't do anymore than this
2) ConfigServer Firewall&Security - This is a firewall and login failure daemon, what it does it will monitor any brute force and send to the firewall for blocking. You can also key in IP address and click "Block" in a very convenience way.
Additionally, we have made some further security
1) PHP - disable some basic dangerous function - shell_exec(), dl() and etc...
2) Port Change - From 22 into xxxx to minimize brute force into SSH
3) Renamed /home/admin/public_html/index.php into virus.index.php. This is because it is scanned to have virus linkage by Norton.
The new Directadmin password is sent to you, please change accordingly.
[ 此帖被ecko在2013-05-02 22:42重新編輯 ]
離線ecko
發帖
623
好友元
7839
閱讀權限
3034
貢獻值
0
只看該作者 36  發表于: 2013-05-02
For 大家 information

最初 send 比support 既 email:

Dear Geeks Concepts's Support,

We currently using Geeks Concepts Dedicated Server Service. However, we found there is "brute force ssh attack" to our server. There are hugh number of failed SSH login attempts to our server and they are trying to "guess" our account and password. Please find the access log in the attachment (Access Log.png).

Unfortunately, unauthorized access from anonymous has been done and some of our webpage has been changed by hacker.
We had removed the webpage and password had been changed to prevent their access. However, the hacker can access our server again and change webpage again.

I am sure that you must be the expert to solve the similar problem in other server. Would you please help to suggest if there is any tool (block the ip from accessing the server after several failed login attempts) from your side to implement in our server to prevent unauthorized access?

I have some idea to prevent the unauthorized access but I am sure that your solutions will be better. Please help to check if the following can be implemented to our server.

1. Change SSH port from port 22 to another port
2. Configure CentOS to drop packets from anyone but some trusted ip address
離線freezefox
發帖
160018
好友元
326002
閱讀權限
259660
貢獻值
13
只看該作者 37  發表于: 2013-05-03
原來佢已經reset左


YFF 已死!!這是 Fantrax 的新時代!!
離線freezefox
發帖
160018
好友元
326002
閱讀權限
259660
貢獻值
13
只看該作者 38  發表于: 2013-05-06
跟進一下,供應商個邊己經作出數個改動。如果問題仍然得唔到改善,請通知。


YFF 已死!!這是 Fantrax 的新時代!!
離線垃圾桶
發帖
18232
好友元
71042
閱讀權限
80931
貢獻值
3
只看該作者 39  發表于: 2013-05-06
我地會keep mon住個情況
方便大家Save & Print

fb: peterkl
垃圾桶四Be
Be Courteous, Be Kind, Behave, Be Patient
要為自己加油,彼得加油!!
惜日的光輝只停留在惜日;今日的光輝只停留在今日;明日的光輝只靠自己努力;彼得我一定可以再做奇蹟!!
離線freezefox
發帖
160018
好友元
326002
閱讀權限
259660
貢獻值
13
只看該作者 40  發表于: 2013-05-06
另外有封咁既電郵,關於供應商改名事宜。

Dear Customer

Regarding to Company Name Change

In order to our company to move forward and to offering a lot more services, we would like to announce starting 1st May 2013, we will change our company name as follow:

GEEKS CONCEPTS LIMITED >>>> GEEKS

Apart from our company name changed, our bank account will also be changed. We will notify you by another email and will be posted by letter for verification of our identity. Our new bank account will begin active on 1st May 2013 and we hope all customers to transfer to our new account accordingly. If you accidentally paid to our old account, it is fine, we will stop receiving payment of our old account on 14th May 2013.

您好

有關轉公司名稱事宜

讓我們繼續提供更多服務,我們將會在五月一日起使用以下新的公司名稱
GEEKS CONCEPTS LIMITED >>>>> GEEKS
除了轉公司名字外,我們也會更改銀行帳戶號碼。新的帳戶號碼將會以另一電郵及郵件寄給客戶。
請閣下從五月一日起使用我們新的銀行帳戶號碼支付服務費用。如客戶將費用支付到舊的銀行帳戶,我們會繼續收集直至五月十四日。


Thanks
Geeks Concepts Limited


YFF 已死!!這是 Fantrax 的新時代!!
離線ecko
發帖
623
好友元
7839
閱讀權限
3034
貢獻值
0
只看該作者 41  發表于: 2013-05-09
2013-05-09 Update

暫時冇再發現可疑既access log

離線freezefox
發帖
160018
好友元
326002
閱讀權限
259660
貢獻值
13
只看該作者 42  發表于: 2013-05-09


YFF 已死!!這是 Fantrax 的新時代!!