« Awstats Exploit | Main | More About Apache Log File Rotation »

May 28, 2005

Email Problem Follow-up

It has been one week since I stopped postfix and disabled the mail command (#chmod 444 /usr/bin/mail), everything seems fine. I restarted postfix and notified my ISP, they told me they would keep watching this server. Since this server doesn't host any critical or major websites, I can take the risk - if anything bad happens again, I will make an OS reload.

According to some Blogs about Awstats exploit, the hackers modified their web pages and very probably gained shell access. Assuming the spammer didn't gain my shell account, that could be because:

1. The spammer is not "professional enough" to hack into my box - this is very unlikely, since they used the exploit for "business purpose".

2. FreeBSD is more secure, he wasn't able to gain the shell account even they used the exploit and had enough time. I have to love FreeBSD more if that's the case.

Category : Security

Posted by FreeBSD Newbie at May 28, 2005 03:50 AM

Comments

Post a comment

Name:

Email Address:
(Optional, will not be shown to the public)

Remember Me? YesNo

Comments: (Comment with any URL will be discarded due to crazy spambots.