Solved

How to identify security leak on Win Server 2008

Posted on 2015-01-12
3
168 Views
Last Modified: 2015-01-13
Hi,

I have identified several directories on my web server that no one in my organization put there. One of them is a Wordpress site for Louis Vuiton handbags!

So obviously my server has been compromised, though all active websites are performing perfectly.

What is the purpose of someone planting hidden directories like this, and more importantly, if I'm using FTP User Isolation and it is unlikely that a password has been stolen, what other vulnerabilities should I look for? Do people use regular antivirus applications on their web servers? I've never browsed sites using that server, so I was under the impression I was pretty safe.

Any suggestions for next steps? I've been tempted to migrate to some newer hardware, but I don't want to bring any security issues with me...

Thanks

Bill
0
Comment
Question by:billium99
3 Comments
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 200 total points
ID: 40545020
If you're looking for vulnerabilities (you said security leak), I would hit it with a vulnerability scanner and remediate what the scanner finds.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 300 total points
ID: 40545334
There is sooooooooooooooo much you have to do to stay secure you can't do it by yourself. You should run AV on a server, absolutely, especially one that is accepting files via ANY means. If your running PHP or other frameworks, you have to stay up2date on the patches for them and or the best practices. Wordpress has hundreds of vuln's every year, and certain extensions of WP can add to the vulnerability surface. Sometimes it's the underlying websever (IIS) it can be the coding as well.File permissions can be to lax and allow people to write to your directories, or a file inclusion exploit allows them to do that. Again there is sooooo much to know about, you have to stay current. There are people for hire on EE as well as elsewhere that could help. http://www.experts-exchange.com/Expert_Testing/addProject.jsp
-rich
0
 
LVL 1

Author Closing Comment

by:billium99
ID: 40547001
Thanks guys
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now