RE: CF trojen? BackdoorJY.sv

2001-07-19 Thread Lee Fuller
PM To: CF-Talk Subject: RE: CF trojen? BackdoorJY.sv Everyone running IIS should look at this: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168 This has kept us pretty much out of the eye of trouble for quite some time. Hackers managed to get in almost daily

Re: CF trojen? BackdoorJY.sv

2001-07-19 Thread Surma
Rather than relying on Microsoft patches, you'll get better mileage out of properly configuring your servers up front. Here's a little secret of mine. I don't bother installing most of the IIS patches when they come out. I don't have to, because they patch things that I've already disabled

RE: CF trojen? BackdoorJY.sv

2001-07-19 Thread Christopher Olive, CIO
]] Sent: Thursday, July 19, 2001 9:31 AM To: CF-Talk Subject: Re: CF trojen? BackdoorJY.sv Rather than relying on Microsoft patches, you'll get better mileage out of properly configuring your servers up front. Here's a little secret of mine. I don't bother installing most of the IIS patches when

RE: CF trojen? BackdoorJY.sv

2001-07-19 Thread Eric Dawson
in. :) From: Christopher Olive, CIO [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Subject: RE: CF trojen? BackdoorJY.sv Date: Thu, 19 Jul 2001 09:18:55 -0400 actually, microsoft has a good article on hardening IIS5. don't have the link right now, but go

RE: CF trojen? BackdoorJY.sv

2001-07-19 Thread Justin Greene
by it (not because of it). It may not stop a hack, but it should allow you to catch it before too much damage can be done. Justin -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 19, 2001 2:13 AM To: CF-Talk Subject: RE: CF trojen? BackdoorJY.sv Everyone

RE: CF trojen? BackdoorJY.sv

2001-07-19 Thread Dave Watts
Can you throw us bone, and point us to some information on how to strip down a CF, IIS Server? Yes. Read the IIS installation checklists on the MS security site (http://www.microsoft.com/security/) and on securityfocus.com (http://www.securityfocus.com/). Read about how to use ACLs at

RE: CF trojen? BackdoorJY.sv

2001-07-18 Thread Dave Watts
My virus checker (mcafee) just revealed 4 viruses on my server: C:\server.dll c:\server.exe c:\cfusion\bin\server.dll c:\cfusion\bin\server.exe it said they all were infected with BackdoorJY.dll or BackdoorJY.svr trojens. This is a Windows 2000 advanced server with CF4.5.1SP2. I

RE: CF trojen? BackdoorJY.sv

2001-07-18 Thread Lee Fuller
18, 2001 9:25 PM To: CF-Talk Subject: RE: CF trojen? BackdoorJY.sv My virus checker (mcafee) just revealed 4 viruses on my server: C:\server.dll c:\server.exe c:\cfusion\bin\server.dll c:\cfusion\bin\server.exe it said they all were infected with BackdoorJY.dll

RE: CF trojen? BackdoorJY.sv

2001-07-18 Thread Dave Watts
Everyone running IIS should look at this: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168 This has kept us pretty much out of the eye of trouble for quite some time. Hackers managed to get in almost daily, prior to us recreating our systems, adding W2K SP2, and then