Talonp wrote:
Thanks, it works via Telnet. I was trying to access it via the HTML interface.
So I know it's up now for Telnet at least.
Again, thanks for the help Drex
i disabled the web interface for right now.
i found a severe exploit in the GALWEBD web server and have
it down while i go through the WEBD.C code and find a way
to repel it.
once i get this guy to come off the exploit's source code i will counter-attack it, until then i had to disable the web side.
dspain wrote:
it goes slow as usual, seems the damn thing can attack FTP port 21 as well.
the ftp one is easy capture the params and limit to like 70 chars.
web one im pulling my hair out over.
It is recommended to run it in Safe Web mode so that the attack is thwarted.
run what in safe mode?
"Enable Secure Web?
Do you want to enable Secure Web? Secure Web allows you to password protect and/or key off particular URLs. You cannot key off/password protect URLs that are owned by Active HTML modules, however, with Secure Web. "
It seems with this option turned on, the attack is less likely to crash the board. It's in the General Setup.
The Storm wrote:
It is recommended to run it in Safe Web mode so that the attack is thwarted.
run what in safe mode?
"Enable Secure Web?
Do you want to enable Secure Web? Secure Web allows you to password protect and/or key off particular URLs. You cannot key off/password protect URLs that are owned by Active HTML modules, however, with Secure Web. "
It seems with this option turned on, the attack is less likely to crash the board. It's in the General Setup.
oh you mean secure web, yeah that is likely to minimize the threat but won't cease it altogether, i have already coded in a series of debugging log utilities to write to specific logfiles when certain things happen, the good news is it will write the debug info prior to the crash which is an exception crash (old GP in dos) so the server comes right back up,
and unlike dos since the nt system doesnt reboot, it writes the entire file.
im gonna have a series of things pointed at that web server such as syn_'s and such and see what i get in the debug logs and then write in preventive measures in the webd thus giving us a safe place to surf
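
The FTP-side mitigation mentioned earlier in the thread (capture the command parameters and limit them to about 70 characters), sketched as an added example; this is not code from WEBD.C or from any poster. The function, struct and enum names are hypothetical, and the 70-character cap is the figure suggested in the thread.

```c
#include <stdio.h>
#include <string.h>

#define FTP_VERB_MAX  4    /* FTP command verbs are 3 or 4 characters */
#define FTP_PARAM_MAX 70   /* cap suggested in the thread (assumption) */

enum ftp_parse { FTP_OK = 0, FTP_BAD_VERB, FTP_PARAM_TOO_LONG, FTP_BAD_CHAR };

struct ftp_cmd {
    char verb[FTP_VERB_MAX + 1];
    char param[FTP_PARAM_MAX + 1];
};

/* Parse one received line of len bytes; the input need not be NUL-terminated. */
enum ftp_parse ftp_parse_line(const char *line, size_t len, struct ftp_cmd *out)
{
    size_t i = 0, k, vlen, plen;

    memset(out, 0, sizeof *out);
    /* Drop the trailing CRLF (or bare LF) before measuring anything. */
    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;
    /* Reject NULs and control bytes anywhere in the remaining line. */
    for (k = 0; k < len; k++)
        if ((unsigned char)line[k] < 0x20 || line[k] == 0x7f)
            return FTP_BAD_CHAR;
    /* Verb runs up to the first space; length is checked before any copy. */
    while (i < len && line[i] != ' ')
        i++;
    vlen = i;
    if (vlen < 3 || vlen > FTP_VERB_MAX)
        return FTP_BAD_VERB;
    while (i < len && line[i] == ' ')
        i++;
    plen = len - i;
    if (plen > FTP_PARAM_MAX)
        return FTP_PARAM_TOO_LONG;   /* refuse the command, do not truncate */
    memcpy(out->verb, line, vlen);   /* both copies are bounded by the checks */
    memcpy(out->param, line + i, plen);
    return FTP_OK;
}

int main(void)
{
    struct ftp_cmd c;
    const char *line = "USER guest\r\n";   /* constructed sample input */
    enum ftp_parse r = ftp_parse_line(line, strlen(line), &c);
    printf("result=%d verb=%s param=%s\n", (int)r, c.verb, c.param);
    return 0;
}
```

Rejecting an over-length parameter outright, rather than truncating it, keeps the handler from acting on a command the client never actually sent.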