Hacker exploiting Local Service account and uploading files in Windows Server 2003
hi there,
i have no idea how happening , 1 of can enlighten me.
my hard drive on vps ran out of disk space today though had 9gb available yesterday. strangely enough occured after installed smartermail, i'm not sure if 2 events linked or not, seem fighting loosing battle.
basically following folder keeps filling looks pirate software
"c:\documents , settings\local service\shared"
how on earth stop happening? local firewall enabled http, pop3 , smtp enabled port 1111 whatever ____ for.
this doing head in, advice appreciated.
nick.
i have no idea how happening , 1 of can enlighten me.
my hard drive on vps ran out of disk space today though had 9gb available yesterday. strangely enough occured after installed smartermail, i'm not sure if 2 events linked or not, seem fighting loosing battle.
basically following folder keeps filling looks pirate software
"c:\documents , settings\local service\shared"
how on earth stop happening? local firewall enabled http, pop3 , smtp enabled port 1111 whatever ____ for.
this doing head in, advice appreciated.
nick.
i found out how hacker uploading files. indeed via port 1111 , backdoor trojan. main reason didn't remove firewall settings "blue" , couldn't change check state.
to be honest i'm surprised can configure rule in firewall in such way, poor server management, if it's done via registry editing.
how trojan got on there anyones guess, honest, site , running whole year until installed smartermail, can presume introduced weakeness site exploited, 1 not using again.
to be honest i'm surprised can configure rule in firewall in such way, poor server management, if it's done via registry editing.
how trojan got on there anyones guess, honest, site , running whole year until installed smartermail, can presume introduced weakeness site exploited, 1 not using again.
Windows Server > Security
Comments
Post a Comment