Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Magento styles.css file changed ? Compromised ?

Posted on 2013-06-02
3
Medium Priority
?
300 Views
Last Modified: 2016-03-02
Hi Experts,

I got a complain that the Magento css has changed, and please check below what I have seen from the changed file. It's seems like we didn't had a release on anything planned for March 3rd. Or we are not sure some has did change using the Magento admin panel.

-rw-rw-r-- 1 1000 www-data 108090 2013-03-03 10:04 styles.css

I'm not sure who is 1000 ?

Can you please help me to investigate about this.

Thanks a lot for your time !
0
Comment
Question by:Shakthi777
  • 2
3 Comments
 
LVL 65

Assisted Solution

by:btan
btan earned 2000 total points
ID: 39217765
I assume you also know this for ls command
2nd column is --> Number of links
3rd Column is --> File/directory owner
4th Column is --> File/directory group

Quick check is also etc user on such '1000' user, and check on system trails and symptoms available for breaches and login at pt of changes or creation of file

See this to help in check
http://wiki.metawerx.net/wiki/LBSA
0
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 39217771
Likewise this has more info on checking the file permission abuses if any ...see the file Files and File system Security section. Likwise another useful sheet is the second link

http://www.ibiblio.org/pub/linux/docs/howto/other-formats/html_single/Security-HOWTO.html

http://www.sans.org/score/checklists/ID_Linux.pdf
This sheet is split into these sections:
• Unusual Processes and Services
• Unusual Files
• Unusual Network Usage
• Unusual Scheduled Tasks
• Unusual Accounts
• Unusual Log Entries
• Other Unusual Items
• Additional Supporting Tools
0
 

Author Closing Comment

by:Shakthi777
ID: 39297475
tnx !
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question