Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
sqzdog
Involved
Involved


Joined: Sep 22, 2003
Posts: 252

PostPosted: Tue Aug 23, 2005 8:40 am Reply with quote

This is the email I got from my host:

Quote:
We had to temporarily suspend your site because we believe the php script there was again being exploited and used to send thousands of spam emails. This has been occurring frequently over the past few days...probably 5 times since Saturday. One time recently it crashed the server and we had to reboot, other times it bogged the server down to where it could barely serve up webpages.

Do you know if your script has any new patches? If not you will need to report it to the creators of the script and hopefully they have a fix for it.


I am running nuke 7.0 with Chatservs latest patches. Also running sentinel 2.0.1 Is this a common problem?
 
View user's profile Send private message Send e-mail
technocrat
Life Cycles Becoming CPU Cycles


Joined: Jul 07, 2005
Posts: 511

PostPosted: Tue Aug 23, 2005 9:32 am Reply with quote

I would start by upgrading your sentinel version. 2.0.1 is VERY old.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! / Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Tue Aug 23, 2005 10:57 am Reply with quote

I know 4 or 5 Nuke sites with different versions between Nuke 6.5 and 7.3. with the same problem.If you have webmail installed delete it, if you are using awstats upgrade to version 6.5.Check your mail configuration and you can also upgrade NukeSentinel. (only two of the sites I´m talking about used Sentinel).

But its really hard to find out where the security hole is. One webmaster of the 5 told me after he upload his files again (2 or 3 weeks later) it goes on with 1000 of spam mails.

It´s sometimes to look for a needle in a haystack. Good luck !
 
View user's profile Send private message
sqzdog
PostPosted: Tue Aug 23, 2005 4:03 pm Reply with quote

I am using NSN 2.0.1 and have never upgraded before. Do I do a sequential upgrade or can I just upgrade to the current version?
 
Xiode
Regular
Regular


Joined: Jun 15, 2005
Posts: 78
Location: AR

PostPosted: Tue Aug 23, 2005 4:07 pm Reply with quote

They use the webmail module so that the email comes from your server. You need to delete the webmail module. I highly recommend this to anyone using nuke period. I had the same problem a WHILE back.

_________________
**Mental Note** Signature Goes Here! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Tue Aug 23, 2005 6:08 pm Reply with quote

You upload the new Sentinel file once, then upgrade the database / tables sequentially - one step at a time from one version to the next. Not very difficult, and I've never had problems upgrading.

Also, the host didn't specifically tell you it was PHP or PHP-Nuke (though I'd still remove the webmail module if you have it - was it still included in 7.0??). But you should also check other directories like cgi-bin to see if there are any sendmail.pl or mail related scripts there. Most hosts either remove that or upgrade it to a safer version, but you don't need it on a Nuke site, so remove that if it's there.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
quickthrottle
Regular
Regular


Joined: Mar 18, 2006
Posts: 60

PostPosted: Mon Mar 27, 2006 5:38 pm Reply with quote

The only module i see is feedback, is this one safe?
Running rn76v2.02

_________________
A real friend is not someone that will come bail you out of jail.
A real friend would be there with you asking How we gona get out? 
View user's profile Send private message
kguske
PostPosted: Mon Mar 27, 2006 8:39 pm Reply with quote

For the most part, yes. I think rn76v2.02 uses the enhanced feedback module that VinDSL wrote, which is pretty secure.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©