Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: dave (daveimmunityinc.com)
Date: Mon Oct 04 2010 - 15:53:01 CDT
-----BEGIN PGP SIGNED MESSAGE-----
So the dotnetnuke site is down. Someone scarfed their web.config and then owned them,
and recovering is taking a while.
But this is true for very large parts of the internet now. There's nothing special
about .NetNuke. If someone grabs your web.config (or random other files on your web
server) then you are usually going to shortly be running shell.aspx - and after that,
some sort of nice kernel rootkit.
It's your basic massive break-the-internet nightmare, that Microsoft has avoided for
many years since Code Red and the rest of the big worms ran rampant on IIS. It's
interesting that this time around it's not a buffer overflow.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Dailydave mailing list