Web Security – The Wac-A-Mole Version
By Stephen Repetski on Jul 22, 2009
This article from Computerworld earlier today reminded me a lot of the times the TJHSST Student Systems Administrators (of which I’m now a graduate) got to rid our web server of spam that had infiltrated it. The infection I remember most was when a hacked MediaWiki site had been used to upload files to redirect computers to spam sites advertising pills and drugs. It got to the point that there were enough hacked computers hitting our server that most external and internal requests for pages were being refused, and ssh sessions to the server would have a noticeable lag. Eventually one of the other ex-admins got around to doing some scripting, and had a 600-700-line file of computers that were put into ipfilter to eventually block the attack.
Unfortunately we’ve had a couple other smaller infiltrations, but hopefully we closed the hole that they were getting in through. Only time will tell…