The president of my company said to me this morning that one of our more tech-savvy customers mentioned a vulnerability that is brand new and something we need to worry about since there is obviously no protection against it yet.
We have our web site hosted by our local ISP and the server is the host to countless other web sites. He believes that if one of the other sites on that server is compromised then the hacker will be able to do whatever he/she wants to our site.
First of all, this doesn't sound like something new... is it? If the idea isn't new, how feasible is it for a hacker to compromise a server like that? The ISP is fairly big and professional and has a good number of customers unlike the guy that runs the ISP out of his basement down the street so I would think that they, if anyone, would know about this.
I'm planning on talking to the ISP directly about this but I'm sure that they'll play it down just to reassure me that our site is safe. I need the truth, not propaganda.
March 23rd, 2004, 05:45 PM
are we talking about windows servers?
then i know that he is right.
when the user is IUSR_[servername] for all hosted sites one "misconfigured" site would allow an attacker to hack them all,read your includes or other data or even just delete them.
but that's nothing new
so pls tell us what OS is installed on these servers...
March 23rd, 2004, 05:54 PM
I've got no idea what the ISP is running on the servers, yet.
I still need to get some more information on the actual vulnerability that the guy was talking about and I'll be meeting with the ISP shortly thereafter. I'll post more on this after that. I really just wanted to know if anyone had heard of something similar.
March 23rd, 2004, 06:14 PM
Yes, without the exact vulnerability, all we can do is say .... uh... yeah, that's could be right....
There's nothing new about rooting boxes using one you've already got on the same net. And if it's on the same physical server (perhaps by random chance) then it's probably trivial.
We can't tell you any more about how at risk your site is until you provide the details. There has to be a specific vulnerability for someone to crack any server.
There's your answer for now.
March 23rd, 2004, 06:22 PM
Your ISP is in charge of keeping IS server secure! You're only renting some HD space and Bandwitch on their server! Unless you have confidentiel information on your website (That would be really bad from the start), you shouldn't have to worry about your ISP Security.
March 23rd, 2004, 10:36 PM
I dunno whether to laugh or cry when I read this post..... it's really something else.
For as long as their have been computers running servers, there have been exploits to gain access to them. Unless it's really bad coding and you can modify the page directly, you are never really hacking the website, you are cracking the server. Which will give you access to everything on it (even if you get one user name, there's always privledge escalation). Exploits for server software come out on a daily basis, and they're nothing new. People never expect to be hacked/cracked, it just happens. You implement your security and that's the best you can do. However, this person you describe as being tech-saavy, is prolly like every other computer user. Here's something and thinks it's horrible, or you are trying to social engineer us to see if anyone knows of any big exploits that are out there right now that you can go play with.
Either way this thread seems like a crock of bull..... g'day to you sir.
March 24th, 2004, 04:14 PM
Beat me to the punch, HT. It sounds very fishy, specially when theres a stated concern from a customer, to "I dont know what operating system its running"... just too many holes for me to give you anything.
Good luck with your meeting.