Last night there was an unannounced upload to our drop box. We generally ignore unannounced uploads and allow them to be automatically deleted after a few days, on the assumption that it was a mistake or an attack. We happened to have the time to inspect last night's upload and deleted it immediately as it was obviously an attack.
It was named "s.php" but upon inspection with a text editor, far from any web server environment in which it might run, it turned out to be a rather old attack, c99shell.
This is an example of why we require that customers alert us via email before uploading files. It is a shame that we have to have this policy, but we do have to have it.
No comments:
Post a Comment