Hacker's fault.

Just to clarify this point - securing /tmp with noexec is not simply a chmod permissions command - /tmp needs to be chmod 0777 or things'll start going whacky. You need to mount /tmp with
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp

or something similar and have it constantly mounted with noexec from fstab.

lol classic... but really, the answer is in the question, whoever's "managing" the server is at fault...

How so????
Like scannerX said - there is not a single server out there that is unhackable. The only ones which are unhackable afrom external sources re the ones unplugged from the internet.

archive.org

I've written a few HOWTOs over at SplitInfinity on a few "absolute musts" to securing your server....
nothing there on firewalls, since everyone has their own flavour (you are running a firewall aren't you?)


http://forums.splitinfinity.com/forumdisplay.php?f=7

Even if your server is managed, have a looksie at the HowTo's and if there something in them that isn't implemented, ask your managed provider to get it sorted.

This list is non-exhaustive and I'll be adding to the HowTo's, esp for security as and when, so check there regularly.

Any questions, post in the forum, or hit me up on ICQ.

I also do one-off hardening configs for $100 -if interested hit me up (this includes much more extensive hardening than those HowTo's, but over time, I'll be posting pretty much all the HowTo's so you can do it yourself if you're savvy enough!)

There's so much more then what you wrote there.
curl/fetch/wget
That's all? I can think of at least 5 more commands that would upload things, plus some 10 more ways to add it without uploading...

thanks for bumping this
now i am going to get 100 more icq from hosting companys wanting to sell me shit


fuck.

lol - sorry!:Oh crap

As it says - it HELPS
Adult websites are the most targetted sector. This was just a start to get a comprehensive security list together to help others.
So, hey, do us all a favour and add things to the threads I created
:321GFY

i'm actually responsible, i'll try not to let it happen again. :(

It depends to your level of management, but really, it's usually not directly applicable to the host.

For instance, if you are paying for a colocated server - most sites will install the basic OS, give you your IP list, and your root password. From there, it's all yours.

However, if you are paying for a managed host, you really need to see what their level of support is. Most 'managed' will monitor HTTP and do basic support, but not that many offer upgrades or updates beyond your initial install - some of them aren't even aware that they should update the OS, being that DirectAdmin/CPanel have the ability to update their specific Apache 1.3/PHP/etc support tools.

The closest experience to a fully managed system I've actually had was through a non-adult service, ICDSoft. They actually scanned all clients, and alerted those with phpBB2 to ensure they ran updates. It was surprising, being how cheap their services were. However, they DO NOT do adult, and I don't believe that they offer anything other than shared accounts at this time.

Sorry to hear you got hacked. It'd be interesting to know how they got in.

Um, i was more pointing to the fact that you did a "half job", and when security is the concern, that does more harm, then helps. If you're gona cover one subject, cover it completelly, don't write half of it, because i can assure you, 70% of webmasters are gona read that, do what you said and think "okay, i disabled uploads, how in the hell did he get that exploit on server", and they'll lose time searching in the wrong direction.

rcp, lynx, links, scp, nc, elinks, proxy, vbox, lwp, GET will all be added to the HowTO in due time.

It's not a half-assed job. It's work in progress, fuckwit.
Now, if you want to help others to help themsleves, add to the thread goddammit. 99% of the peopel who have servers here wouldn't know what to do. It's not easy putting up easy-to-follow instructions. So I did the basics and will update as and when I have the time.

it s the scripts fault