Thanks. I republished the website (after I got in touch with the web designer and he told me how) and that got rid of the errors. He said there was just a single line of script at the end of some of the pages and apparently republishing the website took care of it. I have asked our web host to lock down FTP access to just our IP address. Also, the web designer said that the virtual server did NOT have auto-update enabled. *sigh* I'm going to email him and ask him to enable it. I also found a site that will do a free scan of a website for malware and am running a scan now.
From: Kevin Lundy [mailto:[email protected]] Sent: Wednesday, July 13, 2011 4:24 PM To: NT System Admin Issues Subject: Re: Security and maintenance on virtual co-lo servers I would suggest that rather than worrying about how contracts normally work, I think you should focus on fixing the issue. Your web site is still infected by at least 2 downloader trojans. To leave the site online with a known infection is irresponsible. You also realize there is more to web server security than just antivirus don't you? How did the system get infected to begin with for example? SQL injection, open SMB, open ftp etc. I would have the hosting company take the server off line NOW, and do a bare metal restore. -----Original Message----- From: John Aldrich [mailto:[email protected]] Sent: 13 July 2011 15:44 To: NT System Admin Issues Subject: Security and maintenance on virtual co-lo servers Our website was attacked and malware posted on it apparently over the weekend. I'm not sure, but I don't think there is any antivirus / anti-malware on the virtual server we are renting. Who's responsibility is it *normally* to handle security and Microsoft updates on a virtual server? I don't know the terms of our contract, so I can't say whether or not the hosting company is in violation of those terms or not. Just wondering how these things normally work. Thanks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
