Network Security: Detailed info on IIS web server hacked..any tips?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

IIS web server hacked..any tips?

from [Francesco] Network Security

[Permanent Link]

Subject:	IIS web server hacked..any tips?
Date:	Wed, 15 Dec 2004 08:23:40 -0800

I have a Windows 2003 Server running IIS 6, SQL Server 2000, MailEnable,
and ASP.NET 1.1.  WWW and FTP are enabled, but restricted by IP.  FTP is
additionally protected by authentication.

Yesterday someone managed to access the server and dump 8GB of DVD files
into a deeply nested folder in a backup directory, for sharing I
presume.  The payload folder was NOT within the available folders given
access to FTP users.  Someone was able to "see" the entire D drive and
figure out a hidden enough location at their whimsy.

I thought the server was fairly well locked down, but apparently not.
What is the usual method of intrusion for "warez" attacks like these?

Francesco

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
IIS web server hacked..any tips?, Francesco <= Re: IIS web server hacked..any tips?, xyberpix RE: IIS web server hacked..any tips?, Curt Purdy Re: IIS web server hacked..any tips?, Sam Evans RE: IIS web server hacked..any tips?, Christopher Day RE: IIS web server hacked..any tips?, Jim Tuttle Re: IIS web server hacked..any tips?, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Re: IIS web server hacked..any tips?, Barrie Dempster Re: IIS web server hacked..any tips?, Tim Igoe Re: IIS web server hacked..any tips?, cta@hcsin.net Re: IIS web server hacked..any tips?, Valdis . Kletnieks

Previous by Date:	Re: PHP injection attempt from 200.222.244.154, Jez Hancock
Next by Date:	Re: IIS web server hacked..any tips?, xyberpix
Previous by Thread:	ftp warez server snake ?, Andreas Putzo
Next by Thread:	Re: IIS web server hacked..any tips?, xyberpix
Indexes:	[Date] [Thread] [Top] [All Lists]