PM
To: CF-Talk
Subject: RE: CF trojen? BackdoorJY.sv
Everyone running IIS should look at this:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168
This has kept us pretty much out of the eye of trouble for
quite some
time. Hackers managed to get in almost daily
Rather than relying on Microsoft
patches, you'll get better mileage out of properly configuring your
servers
up front. Here's a little secret of mine. I don't bother installing
most
of
the IIS patches when they come out. I don't have to, because they
patch
things that I've already disabled
]]
Sent: Thursday, July 19, 2001 9:31 AM
To: CF-Talk
Subject: Re: CF trojen? BackdoorJY.sv
Rather than relying on Microsoft
patches, you'll get better mileage out of properly configuring your
servers
up front. Here's a little secret of mine. I don't bother installing
most
of
the IIS patches when
in. :)
From: Christopher Olive, CIO [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Subject: RE: CF trojen? BackdoorJY.sv
Date: Thu, 19 Jul 2001 09:18:55 -0400
actually, microsoft has a good article on hardening IIS5. don't have
the
link right now, but go
by it (not because of it). It may not stop a hack, but it should
allow you to catch it before too much damage can be done.
Justin
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 19, 2001 2:13 AM
To: CF-Talk
Subject: RE: CF trojen? BackdoorJY.sv
Everyone
Can you throw us bone, and point us to some information on how to
strip down a CF, IIS Server?
Yes. Read the IIS installation checklists on the MS security site
(http://www.microsoft.com/security/) and on securityfocus.com
(http://www.securityfocus.com/). Read about how to use ACLs at
My virus checker (mcafee) just revealed 4 viruses on my server:
C:\server.dll
c:\server.exe
c:\cfusion\bin\server.dll
c:\cfusion\bin\server.exe
it said they all were infected with BackdoorJY.dll or BackdoorJY.svr
trojens.
This is a Windows 2000 advanced server with CF4.5.1SP2.
I
18, 2001 9:25 PM
To: CF-Talk
Subject: RE: CF trojen? BackdoorJY.sv
My virus checker (mcafee) just revealed 4 viruses on my server:
C:\server.dll
c:\server.exe
c:\cfusion\bin\server.dll
c:\cfusion\bin\server.exe
it said they all were infected with BackdoorJY.dll
Everyone running IIS should look at this:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168
This has kept us pretty much out of the eye of trouble for quite some
time. Hackers managed to get in almost daily, prior to us recreating
our systems, adding W2K SP2, and then
9 matches
Mail list logo