Account suspended 2

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Jim
    Member
    • Mar 2004
    • 44

    #76
    insecure php script referenced

    Fom thread titled suspenion v3...
    And, FYI to anyone else that stumbles on this thread, this domain was suspended for running insecure PHP scripts which allowed visitors to download and execute very harmful software on the server. This is a very serious issue.
    Is there a possibility that the script(s) can be named if they are publicly available. I'd like to know in order to avoid a similar occurrence.

    Comment

    • samsam
      Member
      • Mar 2004
      • 79

      #77
      Originally posted by Jim
      Fom thread titled suspenion v3...

      Is there a possibility that the script(s) can be named if they are publicly available. I'd like to know in order to avoid a similar occurrence.
      That's a great idea. On another, un-named reseller web-host's forum, there is a list in their knowledge base area of banned scripts.

      The quote is:

      The following scripts are banned due to these scripts causing harm to other sites on the same server.

      - AlienForm (all versions)
      - formmail.pl
      - Greymatter (all versions)
      - Open Webmail
      - Ikonboard (all versions)
      - IRC Egg Drops & IRC related programs.
      - Chat software.
      - lstmrge.cgi
      - Proxy Servers & Scripts (EX: nph-proxy)
      - Shell, SSH, Telnet Scripts and Shell, SSH, Telnet Alternatives
      - The Anonymizer
      - UltimateBBS (all versions)
      - YABB + YABB se (all versions)
      - Any script that uses & processes a massive number of flatfiles or large flatfile databases.

      If we find banned scripts active in your account, we will suspend your account and disable or remove the offending script and send you an email notifying you of our actions.

      If you are worried about a script you or one of your clients intends to use, please send a ticket into the helpdesk with as much detail on how the script functions and anything else you feel we should know about the script. Please do not ask us if "Script X" is ok without providing any information on the script. There are thousands if not millions of scripts available and there are only a few of those we may be familiar with.
      The list seems a bit out of date, so perhaps they haven't had many problems with scripts on their system, but otherwise it is a good policy.

      Comment

      • AndrewT
        Administrator
        • Mar 2004
        • 3653

        #78
        Here's a start for us: http://forums.dathorn.com/showthread.php?t=195

        Comment

        Working...