Folks Broke In - I Blame Myself

Results 1 to 3 of 3

Thread: Folks Broke In - I Blame Myself

  1. #1
    Carl Camera Guest

    Default Folks Broke In - I Blame Myself

    Hi. I&#039;m learning ASP and I added the IIS5 feature to my Win2kPro box at home -- which is connected to a cable modem. <BR><BR>Things around the house are pretty busy and no configuration was done for about a week. Well, yesterday I see that someone gained access to the web portions of my system (I hope only my web portions) and posted some naughty words onto every subfolder of my web server. I should have known better than to simply let it sit there.<BR><BR>In response to the break-in I then <BR>* un-installed IIS5<BR>* deleted the c:web folder<BR>* reinstalled IIS5<BR>* removed anonymous access to FTP<BR>* removed anonymous access to HTTP<BR>* removed anonymous access to SMTP<BR>* changed the IIS_computername password<BR>* changed the ???_computername password (other userid)<BR>* upgraded the file system to NTFS<BR><BR>Now it appears that even I cannot view ASP pages on my machine. <BR><BR>So my questions are:<BR>1. What are the chances that other parts of my computer were also exposed? I don&#039;t see any obvious harm and these folks were pretty blatent.<BR>2. What steps will allow me to test my asp scripts while protecting my asp files from intruders?<BR><BR><BR>Thanks.

  2. #2
    Jamie Toelle Guest

    Default RE: Folks Broke In - I Blame Myself<BR><BR>read that.

  3. #3
    Join Date
    Dec 1969

    Default RE: Folks Broke In - I Blame Myself

    My advice would be: don&#039;t take any chances. Your box has been compromised and there&#039;s no telling what level of access the intruder has achieved. There&#039;s also no guarantee that this is your ONLY compromise - just cause the s&#039;kiddies graffiti&#039;d your IIS doesn&#039;t mean someone hasn&#039;t installed SubSeven as well. In fact most of the exploit scripts will install trojans by default. So be safe: REFORMAT, REINSTALL (from original media).<BR><BR>I&#039;d also advise you to head over to and download ZoneAlarm (the personal edition is free) - it&#039;s a pretty good personal firewall. Next, hit Windows Update and grab all the critical security updates.<BR><BR>Cable modem and ADSL users are prime targets for intrusion, because they&#039;re always-on and are excellent attack devices. Be careful!<BR><BR>Dunc

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts