Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
If a Tomcat7 (on Ubuntu 12.x) gets hacked (caused by weak username/password) what is the hacker able to do? Of course he can deploy .war archives.
But:
Can he get access on the complete file system?
Can he change tomcat/FTP/ubuntu admin passwords?
Or are there no limits at all?
If you are talking about a weak password for the tomcat manager application (that you can use to deploy new webapplications): Well - can you imagine a web application called "remote file explorer"? or "remote shell"? Basically, if you can upload code to servers that gets executed, there's almost no limit.
Well, the limit is set by your admins: Java (and with it Tomcat) can run in a sandbox/security manager. I actually know not many installations that do this. Also, quite a lot of tomcat installations run as the root user - if you lose control over such an instance, you're toast.
So the question you're asking is: "Is it dangerous when attackers can run arbitrary code on my server?" I hate to reveal this, but the answer is "yes".
As of tomcat, I feel that the manager application is nice for debugging, but not something you want to deploy on a production system, visible to the world. But that's only a very small part of the hardening process.
Oh, and even though it might not exactly fit in this context, but you might want to look at Java/Tomcat hacked, I just found this scrolling by - a nice alternative vulnerability to a weak password.
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 days ago.
Improve this question
So my school has blocked all websites (for now at least) and I'm wondering if there was a way to access them without entering into them. What I've thought is that this could be done with google as google search can show you certain parts of pages.
Also, the current configuration of the firewall allows you to do google search and access certain websites. I also know that they perform this using a man in the middle attack intercepting SSL connections. Is there any VPN, tool or script that can bypass this? Something to do with packets obfuscation using XOR gates? I've tried using many different VPNs but all seem to not work.
Thanks in advance.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
As I'm using a windows 7.We are configured public ip to access our apache server. After a Remote desktop connection via Anydesk Ended. All the Files in System are encrypted with .deep extension. Every Folder Contains Text files that has id and mrdeep#protonmail.com and bitcoin donate information and also system already has K7 AntiSecurity(Licensed but about to end).But after affected, K7 automatically vanished. Hence can anyone help me to recover those files and also guide me to escape from such viruses in future..
it looks that this is Scarab ransomware new version. Scarab has decryption tool developed by Dr. Web. You should try that, it may work for this .deep extension or just use anti-malware tools, clean everything. Then maybe Data Recovery Pro will help with data decryption. Keep your anti-virus and anti-malware up-to-date so you can avoid this nasty virus. These most commonly come from infected spam email attachments. so clean that box more often and scan your system more frequently. Good luck!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I want to test some Ransomware. Therefore I wanna use VMware and create a virtual machine, where I can execute this software. I already deleted the Network device, so that no connection is possible between my computer and the VM. Do I need to know something more about it. Could it be possible that the virus breaks out and affects my PC?
Make sure that you are not playing around with Cerber 6 Ransomware because it has Anti-VM features that can easily bluff you when you are on the test. I just got to know the same from this post:http://ransomwares.net/cerber-6-ransomware/. I request you to read this post to know more about Cerber's new Anti-VM & Anti-Sandboxing features which makes it dangerous than never before!
Be sure to disable all shared folders. Also disable any CPU virtualisation acceleration, then you should be fine.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
Hi there Ladies and Gents
I am asking this question because this weekend ahas seen me go from a fully haired man to a bold man in let them 24 hours. Google found malware on three site we are running on a shared server. All the files are HTML or Java. I have done some research and this Malware software put a load of numbers and letters at the bottom of the HTML pages. So, I have cleaned the files off the server, and replaced them with clean files from our own hard drives. But within a few minutes the files are infected again. Then looking at the file, there are no bits of code. So when I go back to firefox and look again, after clearing the cache the same thing happens again, the red screen! I am just wondering if, there could be a infection on the shared server and it could be infecting more than just our three website?
Sorry it's long winded - No sleep for 48 hours sorting this out and rebuilding the sites on another server we trust.
Kind regards to all who read this message.
John
Yes. it is possible for malware to infect a whole server.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
For our company I want to setup a file sharing service such as Dropbox but on our own servers for our corporate information.
It must be only available for employes of our company.
Please suggest me software package.
I suggest you try http://owncloud.org/.
That's what we use in my company and it is quite convenient to sync our working files (similar to what dropbox do), and to share files as well.
Have a look at arXshare (http://www.arxshare.com). You can install it on any server with PHP, it is easy to setup, and it does not require any database and is very lightweight. Furthermore, it does end-to-end encryption, so your shared files on the server are useless without your password.