|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
02-24-2010, 09:21 AM
|
#1 |
|
I have a plan B
Industry Role:
Join Date: Aug 2004
Location: Seattle - Miami - St Kitts
Posts: 5,501
|
FTP Client Passwords hacked: Beware
I use FileZilla and my server passwords were compromised and malicious code added to several of my sites. The code was an iframe link sending to a site in the Netherlands that put the Security Central virus on peoples computers. Nasty little bastard.
Virus or Malware scanners will not find it. It is an iframe link just after the body tag in infected sites. Only html and htm files. Turns out, FileZilla does not encode anything and keeps your login data in an XML file that can be sniffed out. There are about 10 ftp clients susceptable to this and you can find more info at this link: http://blog.unmaskparasites.com/2009...dentials-from/ Solution is not to let the ftp program to save your login info. Also switch to secure protocol. I have switched back to WinSCP.
__________________
CryptoFeeds |
|
|
|
02-24-2010, 09:23 AM
|
#2 |
|
Junior Achiever
Industry Role:
Join Date: Nov 2004
Location: Walled Garden
Posts: 17,066
|
Eeekkk! I use FileZilla. Thanks for the heads up.
|
|
|
|
|
02-24-2010, 12:01 PM
|
#3 |
|
Coupon Guru
Industry Role:
Join Date: Mar 2009
Location: Minneapolis
Posts: 10,973
|
using ftp also sends your passwords over the internet, in clear text.
I'm amazed that the adult industry doesn't use sftp or scp 
__________________
Webmaster Coupons Coupons and discounts for hosting, domains, SSL Certs, and more! AmeriNOC Coupons | Certified Hosting Coupons | Hosting Coupons | Domain Name Coupons   |
|
|
|
|
02-24-2010, 12:05 PM
|
#4 |
|
Now choke yourself!
Industry Role:
Join Date: Apr 2006
Posts: 12,085
|
This issue has been in several trojans/viruses/etc over a year.
Any program who offers free FTP/virtualhosting needs to be aware they will be plagued with this.
__________________
|
|
|
|
|
02-24-2010, 12:36 PM
|
#5 |
|
Fuck Checks, CASH only!
Join Date: May 2002
Location: New York City
Posts: 19,422
|
firewall the ftp too it helps
__________________
 Spanking, Medical Fetish, Sleeping, Strap-on Anal Lesbians, Girls Fucking Guys, Handjob site REAL HOT, Shemales, Anal and Ass Licking sites 100% Real EXCLUSIVE with amazing retention, ccbill payouts, lots of content FREE FTP HOSTING Promote the largest and oldest member paid escort site, Converts 10 times better then any dating site, CCBill payouts ICQ# 158802076 |
|
|
|
|
02-24-2010, 12:49 PM
|
#7 |
|
Confirmed User
Industry Role:
Join Date: Mar 2002
Location: c9media.com
Posts: 3,240
|
avast detects the virus http://www.avast.com/
also search for gumblar-family-virus-removal-tool there are some tools to automatically fix all files on your server |
|
|
|
|
02-24-2010, 02:11 PM
|
#8 |
|
Confirmed User
Industry Role:
Join Date: Sep 2003
Location: NZ
Posts: 673
|
Seems more likely that you had an insecure script on one of your sites that lead to this.
__________________
-- react |
|
|
|
|
02-24-2010, 02:18 PM
|
#9 |
|
Confirmed User
Join Date: Feb 2010
Posts: 210
|
FireFTP. Addon to FireFox. It has sftp built in (just needs to be selected). If your server doesn't support sftp (SSH), get on your host about it. FTP username/passes are sent over the net plain text. Packet sniffers can pick them up, and you're boned.
It's free, -Chris
__________________
  |
|
|
|
|
02-24-2010, 03:32 PM
|
#10 |
|
Confirmed User
Join Date: Aug 2004
Location: My dog is blacker than Tupac
Posts: 5,471
|
Lock down the FTP just to approved Ips
|
|
|
|
|
02-24-2010, 03:33 PM
|
#11 | |
|
Confirmed User
Join Date: Aug 2004
Location: My dog is blacker than Tupac
Posts: 5,471
|
Quote:
|
|
|
|
|
|
02-24-2010, 05:01 PM
|
#12 |
|
Confirmed User
Join Date: Aug 2006
Location: Los Angeles
Posts: 600
|
SSH all the way and use Ws FTP pro
__________________
MUTTCASH! Start Earning today! www.muttcash.com |
|
|
|
|
02-24-2010, 05:36 PM
|
#13 | |
|
I have a plan B
Industry Role:
Join Date: Aug 2004
Location: Seattle - Miami - St Kitts
Posts: 5,501
|
Quote:
__________________
CryptoFeeds |
|
|
|
|
|
02-24-2010, 05:40 PM
|
#14 | ||
|
Confirmed User
Join Date: Aug 2004
Location: My dog is blacker than Tupac
Posts: 5,471
|
Quote:
Quote:
I am pretty sure its same one It was something to do with Abobe PDFS if I remember correct Some kinda exploit thing Not sure if any anti virus even ever found it Sorry I can not be of more help for you |
||
|
|
|
|
02-24-2010, 10:28 PM
|
#15 |
|
Industry Role:
Join Date: Aug 2001
Posts: 63,151
|
ruff:, Northn sucks big time, try Avast, it's free for home use
 |
|
|
|
|
02-24-2010, 10:37 PM
|
#16 |
|
Confirmed User
Industry Role:
Join Date: Sep 2007
Location: Los Angeles
Posts: 2,706
|
ALL FTP IS SENT IN PLAIN TEXT.
You need to use SFTP or SCP.
__________________
www.SwiftNode.com |
|
|
|
|
02-24-2010, 10:48 PM
|
#17 | |
|
Too lazy to set a custom title
Join Date: Dec 2006
Posts: 23,400
|
Quote:
__________________
i like waffles |
|
|
|
|
|
02-24-2010, 10:51 PM
|
#18 |
|
Confirmed User
Industry Role:
Join Date: Mar 2004
Location: Great White North
Posts: 5,794
|
There is about 100 threads on this board about Filezilla passes being compromised. Get a real solution.
EDIT - Ok, maybe not 100, but several (and on other boards as well).
__________________
LinkSpun - Premier Adult Link Trading Community - ICQ - 464/\281/\250 Be Seen By New Webmasters/Affiliates * Target out webmasters/affiliates based on niches your sites are for less than $20 a month. AmeriNOC - Proudly hosted @ AmeriNOC! |
|
|
|
|
02-24-2010, 11:31 PM
|
#19 |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jun 2005
Location: 127.0.0.1
Posts: 27,047
|
sftp
__________________
Make Money
|
|
|
|
|
02-24-2010, 11:33 PM
|
#20 |
|
Confirmed User
Industry Role:
Join Date: Jul 2009
Posts: 413
|
unless u ssl ftp
but thats still not 100% secure as the data build goes plain text first i belive  |
|
|
|
|
02-25-2010, 06:12 AM
|
#21 |
|
Confirmed User
Join Date: Jun 2007
Posts: 160
|
Afaik even if you used secure connection your FTP logins would be compromised since this is local exploit / malware! You need to patch your software and clean your PC. Secure connection helps when 3rd party has access to your connection and can monitor / analyze your Internet traffic.
Also you need to analyze FTP logs and see if files were modified through FTP service to make sure problem is not with some unpatched script on your server!
__________________
dlXer - web design, developing, managed hosting, website optimizations |
|
|
|
|
02-25-2010, 06:29 AM
|
#22 | |
|
Guest
Posts: n/a
|
Quote:
|
|
|
|
|
02-25-2010, 06:30 AM
|
#23 | |
|
Too lazy to set a custom title
Industry Role:
Join Date: Mar 2003
Location: Homeless
Posts: 62,912
|
Quote:
__________________
PornGuy skype me pornguy_epic AmateurDough The Hottes Shemales online! TChicks.com | Angeles Cid | Mariana Cordoba | MAILERS WELCOME! |
|
|
|
|
|
02-25-2010, 06:46 AM
|
#24 |
|
Webmaster Extraordinaire
Industry Role:
Join Date: Jul 2002
Location: A beautiful beach...
Posts: 10,744
|
WS FTP is the best... you get what you pay for
|
|
|
|
AIM: GrouchyGfy
BUY MY SIG - 50$/Year
