Article 16150 at 09/11/16 21:24:21 From: snoord (at mark) planet.nl Subject: [coba-e:16150] ftp hacked

Index: [Article Count Order] [Thread]

Date:  Mon, 16 Nov 2009 13:24:55 +0100
From:  "Steffan" <snoord (at mark) planet.nl>
Subject:  [coba-e:16150] ftp hacked
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <59B9F251EC04442D8990B9ECE58E05AD@TikKlikPC11>
In-Reply-To:  <C724D903.D7F0%colin (at mark) mainline.co.uk>
References:  <C724D903.D7F0%colin (at mark) mainline.co.uk>
X-Mail-Count: 16150

Hello,

I have a cleint with sites on 3 different servers
Now several sites ware hacked
One person/ or script uploaden a .htaccess en random php file in every
directory

The client had random passwords
His ftp program has 50 + ftp sites on it
But the only sites that are heacked are sites on my servers

It was normal ftp logins but could there be anything i can check on the
servers to see if the problem is here ?

Thanxs

Steffan