Quote:
Originally Posted by Spudman
you have to change the permissions of ST after the install, the standard permissions are still vulnerable to the hack. I finally have a safe working version of ST on my server now and a script that will update all my new installs of ST to correct, safe permissions.
I installed ST to replace CT and it was hacked within about 2 mins until i did the above. Its a bitch of a hack  |
Also need to check for malisious bots/programs running hidden as httpd. Easy to find if you do a ps auxwwwww and see something like [httpd] or related then followed by a blank line under it and some random word like start or log etc.
Also please check your /tmp folder so its set to noexec so pearl scripts cannot be ran out of this location after being uploaded.
I can go on and on but thats the jist of it.