Solved

How to identify security leak on Win Server 2008

Posted on 2015-01-12
3
174 Views
Last Modified: 2015-01-13
Hi,

I have identified several directories on my web server that no one in my organization put there. One of them is a Wordpress site for Louis Vuiton handbags!

So obviously my server has been compromised, though all active websites are performing perfectly.

What is the purpose of someone planting hidden directories like this, and more importantly, if I'm using FTP User Isolation and it is unlikely that a password has been stolen, what other vulnerabilities should I look for? Do people use regular antivirus applications on their web servers? I've never browsed sites using that server, so I was under the impression I was pretty safe.

Any suggestions for next steps? I've been tempted to migrate to some newer hardware, but I don't want to bring any security issues with me...

Thanks

Bill
0
Comment
Question by:billium99
3 Comments
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 200 total points
ID: 40545020
If you're looking for vulnerabilities (you said security leak), I would hit it with a vulnerability scanner and remediate what the scanner finds.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 300 total points
ID: 40545334
There is sooooooooooooooo much you have to do to stay secure you can't do it by yourself. You should run AV on a server, absolutely, especially one that is accepting files via ANY means. If your running PHP or other frameworks, you have to stay up2date on the patches for them and or the best practices. Wordpress has hundreds of vuln's every year, and certain extensions of WP can add to the vulnerability surface. Sometimes it's the underlying websever (IIS) it can be the coding as well.File permissions can be to lax and allow people to write to your directories, or a file inclusion exploit allows them to do that. Again there is sooooo much to know about, you have to stay current. There are people for hire on EE as well as elsewhere that could help. http://www.experts-exchange.com/Expert_Testing/addProject.jsp
-rich
0
 
LVL 1

Author Closing Comment

by:billium99
ID: 40547001
Thanks guys
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now