updated filezilla and then server got compromised
Moderator: Project members
Not sure if any connection between the two but thought I'd best post here and let you know about it.
I updated to 3.7.3 FileZilla, did a complete download of all my website files on to my HDD (nothing wrong with files on my pc) this morning.
Went to look at website and got various PHP warnings which mean that server has been compromised in some way and code added to a file(s).
Fingers crossed for Hosting company to sort it quickly.
Re: updated filezilla and then server got compromised
message reply from hosting company
Having checked this, I can confirm that your account has been compromised and many of the files on your account were downloaded via FTP then re-uploaded with larger filesizes with the most-likely malicious code via FTP between 14:19 and 14:27 today.
As these files were accessed via your main FTP user this demonstrates that your account's password has become known to a third party,
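The pattern the hosting company reports (a file fetched over FTP, then re-uploaded larger a short time later by the same login) can be searched for in a server transfer log. This is an added example, not part of the thread: it assumes the standard xferlog line format, and the log lines, hosts, user name, paths and the 10-minute window are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample in xferlog format; hosts, user and paths are made up.
# Direction field: "o" = download from server, "i" = upload to server.
SAMPLE_XFERLOG = """\
Mon Sep 02 09:05:11 2013 1 198.51.100.20 5120 /public_html/index.php a _ o r siteuser ftp 0 * c
Mon Sep 02 14:19:40 2013 1 203.0.113.7 5120 /public_html/index.php a _ o r siteuser ftp 0 * c
Mon Sep 02 14:20:02 2013 1 203.0.113.7 6890 /public_html/index.php a _ i r siteuser ftp 0 * c
Mon Sep 02 14:21:15 2013 1 203.0.113.7 2048 /public_html/inc/db.php a _ o r siteuser ftp 0 * c
Mon Sep 02 14:21:31 2013 1 203.0.113.7 3818 /public_html/inc/db.php a _ i r siteuser ftp 0 * c
Mon Sep 02 16:00:00 2013 2 198.51.100.20 900 /public_html/style.css a _ i r siteuser ftp 0 * c
"""

def parse_line(line):
    """Return a dict for one xferlog line, or None if it is malformed."""
    f = line.split()
    if len(f) != 18:
        return None
    try:
        when = datetime.strptime(" ".join(f[:5]), "%a %b %d %H:%M:%S %Y")
        size = int(f[7])
    except ValueError:
        return None
    return {"time": when, "host": f[6], "size": size, "path": f[8],
            "direction": f[11], "user": f[13], "complete": f[17] == "c"}

def find_regrown_uploads(log_text, window=timedelta(minutes=10)):
    """Flag uploads that follow a download of the same file by the same
    user and host within `window` and come back larger than they left."""
    last_download, findings = {}, []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["complete"]:
            continue
        key = (rec["user"], rec["host"], rec["path"])
        if rec["direction"] == "o":
            last_download[key] = rec
        elif rec["direction"] == "i" and key in last_download:
            prev = last_download.pop(key)
            grew = rec["size"] - prev["size"]
            if grew > 0 and rec["time"] - prev["time"] <= window:
                findings.append((rec["path"], rec["host"], rec["time"], grew))
    return findings

if __name__ == "__main__":
    for path, host, when, grew in find_regrown_uploads(SAMPLE_XFERLOG):
        print(f"{when:%H:%M:%S} {host} re-uploaded {path} (+{grew} bytes)")
```

Every flagged path is a candidate for restoring from a known-clean copy, and the same growth in bytes across many files suggests one injected snippet.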
Re: updated filezilla and then server got compromised
Change passwords immediately, but first scan your machine! Looks like you might have a malware infection.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 503 Bad sequence of commands
- Posts: 20
- Joined: 2013-08-07 16:17
- First name: Frank
- Last name: Tanner
Re: updated filezilla and then server got compromised
boco wrote: Change passwords immediately, but first scan your machine! Looks like you might have a malware infection.
What Boco said. There is malware that specifically targets FileZilla stored usernames and passwords because the developers refuse to encrypt the file that stores that information, and they have no plans to encrypt it. They claim that it's not necessary or productive to do so. It makes it an easy target.
Re: updated filezilla and then server got compromised
Small correction: developer. There's only one. And obfuscation/encryption does not work well for GPL Open Source, where you have to provide everything to the public, even the encryption keys or how to calculate it. Guess what? Today's CPUs will crack it faster than you can blink. I'm not saving any passwords in FileZilla (kiosk mode 1 since it was introduced ages ago).
Re: updated filezilla and then server got compromised
boco wrote: Small correction: developer. There's only one. And obfuscation/encryption does not work well for GPL Open Source, where you have to provide everything to the public, even the encryption keys or how to calculate it. Guess what? Today's CPUs will crack it faster than you can blink. I'm not saving any passwords in FileZilla (kiosk mode 1 since it was introduced ages ago).
It doesn't? Hmm... Explain that to the guys that release all of the different flavors of Linux. There are lots of encryption tools (SSH, the keygen tools, et al) in them and even /etc/passwd is encrypted. PuTTY does a pretty good job of generating SSH key pairs too. KeePass (also Open Source) does a pretty good job of encrypting their password storage files too.
KeePass also gives you a choice of different encryption algorithms that you can use to generate your key.
Just because it is *POSSIBLE* to crack an encryption doesn't mean that you *SHOULDN'T* encrypt it. The RC4 encryption standard, which is used by SSL and TLS, was admitted to have been probably cracked by the NSA. Are you suggesting that all websites stop using SSL?
Re: updated filezilla and then server got compromised
If you have malware on your computer, then the second you decrypt any of those passwords/keys/tokens/whatever, the malware has full access to it. This is the real problem, malware on your computer.
Re: updated filezilla and then server got compromised
botg wrote: If you have malware on your computer, then the second you decrypt any of those passwords/keys/tokens/whatever, the malware has full access to it. This is the real problem, malware on your computer.
Be that as it may, that doesn't mean that it's not shitty infosec practice not to encrypt your file. Not only is it piss-poor, but you're hiding your head in the sand and saying "La la la la la... It's not my problem." When, in fact, it is. You have piss-poor security practices.
Information security is like an onion... It's built on layers. The more layers you have the harder it is to get to the underlying data. By not encrypting this file, you're making it that much easier for the "bad guys" to get the information. You are part of the problem, not part of the solution.
Personally, I think you don't do it because you don't know how and are just disguising it as a "malware will have access to it" issue.
Re: updated filezilla and then server got compromised
Quote: Information security is like an onion... It's built on layers.
And malware on your computer is a breach of the innermost layer.
Re: updated filezilla and then server got compromised
Quote: Information security is like an onion... It's built on layers.
botg wrote: And malware on your computer is a breach of the innermost layer.
And not encrypting something that can be encrypted trivially is just plain stupid and bad practice. There are plenty of ways to steal the file itself without a machine being infected with malware. Especially if someone is using the "portable" version of FileZilla off of a thumb drive. If that file is encrypted that makes it more difficult to extract the information.
You're being obtuse just to be obtuse. You think your way is the better way and you're dead wrong. It would be trivial to implement the code, you just refuse to.
Re: updated filezilla and then server got compromised
Quote: Especially if someone is using the "portable" version of FileZilla off of a thumb drive. If that file is encrypted that makes it more difficult to extract the information.
Truecrypt anyone?
Re: updated filezilla and then server got compromised
Quote: Especially if someone is using the "portable" version of FileZilla off of a thumb drive. If that file is encrypted that makes it more difficult to extract the information.
botg wrote: Truecrypt anyone?
So you're, again, falling back on the "La la la la not my problem la la la" mantra...
That tells me that either you're incompetent at infosec in and of yourself or you're just plain lazy. You are, literally, the only "Open Source" author that provides something that can contain passwords in a "plain text" file that doesn't encrypt them.
By your logic, no password manager should bother to encrypt them, TrueCrypt shouldn't, Linux shouldn't, KeePass shouldn't, et al.
Wow.... The hubris is astounding.
Re: updated filezilla and then server got compromised
Full disk protection and keeping your system free of malware. Then nobody can access any of your data.
Re: updated filezilla and then server got compromised
botg wrote: Full disk protection and keeping your system free of malware. Then nobody can access any of your data.
More of the same "La la la not my problem la la la..."
Laziness... Pure laziness...
I'm glad the makers of Linux, PuTTY, KeePass, Firefox, et al. don't have your philosophy.
Re: updated filezilla and then server got compromised
You're still here?