Quote:
Originally posted by lvadavid
We run our servers on Windows NT 4.0 (yes I know, it's time to upgrade or leave Windows).
Recently it appears someone from Europe has hacked into our servers and uploaded movie and games files to share with others. ALso, they deleted a number of our Weblogs.
Anyone else experience this? Any tips for preventing it? Can they do serious harm to our servers if they want to?
Thanks.
David
|
Turn off "Allow anonymous connections" in the Security Accounts tab of your FTP site in IIS. The same thing happened to me - they left music/porn/games in directories which are hard to delete (i.e. system names and special characters). It's a stupid thing but with the wrong permissions and the fact IIS has this option set by default, it's easy for people to gain access and create these things. Found
this URL which may help if you have loads of 'tagged' dirs on your root folder...
HTH.