Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

SQL Injection Attack happening ATM, 4000+ sites infected
 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security Issues
Author Message
crypto
Worker
Worker



Joined: Aug 02, 2004
Posts: 165
PostPosted: Fri Dec 02, 2011 8:16 am Reply with quote
There has been got Only registered users can see links on this board! Get registered or login! of sites being injected with php-string. Typically code is inserted into several tables. From the information gathered so far it looks targeted at ASP, IIS and MSSQL backends, but that is just speculation.

When discovered yesterday about 80 sites showed in Google, this morning about 200, by lunch 1000 and a few minutes ago 4000+.

The attack seems to work on all versions of MSSQL.

Have you seen this kind of attacks today?
 
View user's profile Send private message
nuken
RavenNuke(tm) Development Team



Joined: Mar 11, 2007
Posts: 2024
Location: North Carolina
PostPosted: Fri Dec 02, 2011 8:43 am Reply with quote
I have never felt safe running php on a windows server. I know Apache and MySQL have there own risks, but the Linux permission system works well if configured and used correctly.

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
kd8hho
Worker
Worker



Joined: Mar 30, 2009
Posts: 132
PostPosted: Fri Dec 02, 2011 8:58 am Reply with quote
nuken wrote:
I have never felt safe running php on a windows server. I know Apache and MySQL have there own risks, but the Linux permission system works well if configured and used correctly.


I have never felt safe running anything windows.

I know honestly your never 100% safe, But I use linux for the security

and totally agree on the nix perm system. with that and keeping up with security updates on the linux side of things and just being smart. your mostly safe

_________________
Linux Register User #481509 | Ubuntu Register User #25492 
View user's profile Send private message Visit poster's website
papamike
Theme Guru



Joined: Jan 11, 2006
Posts: 170
PostPosted: Fri Dec 02, 2011 1:01 pm Reply with quote
Here's a good resource on the subject: http://us.norton.com/theme.jsp?themeid=mislead

But since everyone here seems to be Linux users it possibly doesn't apply. If a windows user drops in it may become relevant to them.
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security Issues


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©