PPCGeeks.com FTP Vandalized. Everyones help needed!

[Wideawake]

Quote:

Originally Posted by 6700Yuma

I'd agree with mindfrost. It would be easiest (once it is all uploaded again) to set everything to read only for the public account. Then make an additional account that has full access. The problem then becomes that no one can add to the FTP without going through the admin account. I think the FTP is still on Dreamhost, right Mike? If so, then anonymous FTP is only $3.95/month or $47.40/year. This would allow for an upload only account, that no one can delete from. An admin could move approved stuff into a second folder which is download only. Again, no one could delete stuff. The admin account would be the only on that could make big changes.

looking into this one 6700yuma, I hadnt forgot about ur suggestion.
~mike

[s10onn2o]

why do aholes have to mess up somthing good and free at that matter CHILDISH

[iceblue]

This is nut’s. First I want to know how everyone had permissions? Why did we need 777 permission on the FTP? It would be very simple to login to the server setup with something like cpanel or even set ftp permission in a consol. How in the world did the server not allow this?

I assumed peoples folders were approved by the admins and they received a write permission over there folder. Have the server Logs gave to you from the admin and check what IP and time the files were deleted then trace the ip pool. You can then call the company you find the user hosted from talk to the admin there have the records of the ip used on the delete and time to match his assigned pool addresses to registered user MAC addresses. That will tell you who did it.

Unless he was smart and used another persons user account or public computer and or wifi connection.

[iceblue]

Quote:

Originally Posted by s10onn2o

why do aholes have to mess up somthing good and free at that matter CHILDISH

I would say this was a free hack that a n00b stumbled upon. Since only the titan folders were delete this more then likely is not the case. I know when I started we would scan pool ranges and see what we could come up with and run attacks and exploits to learn how servers responded differently. Some we get some we didn’t. I remember spending 2 weeks almost messing with a router for an ATM. Allot of times when n00bs try running scans and find something were they get 777 permission they get giddy and dump the server. Instead of monitoring it for a higher level brake.

[EDGE23]

Quote:

Originally Posted by 6700Yuma

I'd agree with mindfrost. It would be easiest (once it is all uploaded again) to set everything to read only for the public account. Then make an additional account that has full access. The problem then becomes that no one can add to the FTP without going through the admin account. I think the FTP is still on Dreamhost, right Mike? If so, then anonymous FTP is only $3.95/month or $47.40/year. This would allow for an upload only account, that no one can delete from. An admin could move approved stuff into a second folder which is download only. Again, no one could delete stuff. The admin account would be the only on that could make big changes.

if mike is willing to go that route, ill be happy to help $$$. just let me know.

[GirlGoneGeek]

Wide now has it fixed. Thanks for the suggestions. It's an anonymous FTP server now.

[Baffles]

Why not put FTP on the monster server used for this site? Assuming you got the one we were talking about on IRC, you could (and I personally would if it were me) set up VMs, one for the site, one for FTP, etc. Then FTP would still be totally isolated, but you could have complete control over it and use the resources you already have instead of paying someone like dreamhost.