Yeah... well, again, I don't know how to get into the virtual server to do anything like that... I'll have to see if I can get in touch with the former Marketing Manager to see if he knows how to access the virtual server.
From: Jonathan Link [mailto:[email protected]] Sent: Thursday, July 14, 2011 8:55 AM To: NT System Admin Issues Subject: Re: Security and maintenance on virtual co-lo servers Just another thing to add. This probably is not sufficient. I would suggest that all accounts on the box have complex passwords at least 15 characters long. On Thu, Jul 14, 2011 at 8:48 AM, John Aldrich <[email protected]> wrote: I should mention that the web designer said that the FTP server was being hit pretty hard with random password attacks. No indication that anyone got in, but still, better safe than sorry, which is why I told the hosting company to restrict FTP to just our external IP address. -----Original Message----- From: John Aldrich [mailto:[email protected]] Sent: Thursday, July 14, 2011 8:34 AM To: NT System Admin Issues Subject: RE: Security and maintenance on virtual co-lo servers Thanks. I republished the website (after I got in touch with the web designer and he told me how) and that got rid of the errors. He said there was just a single line of script at the end of some of the pages and apparently republishing the website took care of it. I have asked our web host to lock down FTP access to just our IP address. Also, the web designer said that the virtual server did NOT have auto-update enabled. *sigh* I'm going to email him and ask him to enable it. I also found a site that will do a free scan of a website for malware and am running a scan now. From: Kevin Lundy [mailto:[email protected]] Sent: Wednesday, July 13, 2011 4:24 PM To: NT System Admin Issues Subject: Re: Security and maintenance on virtual co-lo servers I would suggest that rather than worrying about how contracts normally work, I think you should focus on fixing the issue. Your web site is still infected by at least 2 downloader trojans. To leave the site online with a known infection is irresponsible. You also realize there is more to web server security than just antivirus don't you? How did the system get infected to begin with for example? SQL injection, open SMB, open ftp etc. I would have the hosting company take the server off line NOW, and do a bare metal restore. -----Original Message----- From: John Aldrich [mailto:[email protected]] Sent: 13 July 2011 15:44 To: NT System Admin Issues Subject: Security and maintenance on virtual co-lo servers Our website was attacked and malware posted on it apparently over the weekend. I'm not sure, but I don't think there is any antivirus / anti-malware on the virtual server we are renting. Who's responsibility is it *normally* to handle security and Microsoft updates on a virtual server? I don't know the terms of our contract, so I can't say whether or not the hosting company is in violation of those terms or not. Just wondering how these things normally work. Thanks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
