PDA

View Full Version : About FTP

Dr Ciel
6-21-04, 09:54 AM
Hello ^_^; I am having a bit of confusing problem right now. I am not sure if I am placing it in the right section but forgive me if I did. (Bows) Anyway, I am very confused about 2 files in my FTP account, is one call "14:58" and another one call "a" I don't know what they are use for nor what they do this is the first time I seen them in my account and NO ONE has access to it...So wondering if you guys added it or someone had tried to hack my accounts. =/
NMS
6-21-04, 11:23 AM
Powweb did not add anything. Rename them immediately or delete them (to be more sure)
BerksWebGuy
6-21-04, 11:42 AM
I would also change your FTP password just to be safe.
James
6-21-04, 01:17 PM
Do you have any cron jobs or CGI scripts that attemtp to write to a file?? I looks like something that would have been produced by a malfunctioning script...
Dr Ciel
6-21-04, 03:30 PM
Do you have any cron jobs or CGI scripts that attemtp to write to a file?? I looks like something that would have been produced by a malfunctioning script...


No, I rename my files all the time, so they don't change...and yeah, I did change the passwork because of it. Thanks you guys! ^_^
Dave
6-21-04, 07:22 PM
Hi Dr Ciel,

I looked through those directories and found what appears to be hacker tools and root kits. I very highly recommend you change all of your account passwords (webuser, ftp, etc) and make them "strong" (a combination of letters and numbers) to better secure your website.

In the meantime, I deleted the offending directories.

Cheers,
James
6-21-04, 07:29 PM
And as always... if you don't use FTP on a regular basis, we recommend you disable your user ftp login when your done. You should also make sure any php or cgi scripts you have with passwords are not group or world readable, and you should use seperate username's and password for all your services, including mysql, ftp, pop3, and especially OPS.
Dr Ciel
6-21-04, 10:03 PM
Hi Dr Ciel,

I looked through those directories and found what appears to be hacker tools and root kits. I very highly recommend you change all of your account passwords (webuser, ftp, etc) and make them "strong" (a combination of letters and numbers) to better secure your website.

In the meantime, I deleted the offending directories.

Cheers,


Thank you so much ^_^ I am working on it.