MyBB Internal: One or more warnings occured. Please contact your administrator for assistance.
public instance security and abuse
Current time: 02-22-2020, 11:39 AM Hello There, Guest! (LoginRegister)

Post Reply 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
public instance security and abuse
11-02-2015, 03:18 PM
Post: #1
public instance security and abuse
What improvements have been made to the security used
for public instances?

At least one public instance has had a trojan dropper
installed. For the curious, look for the service "syshost32"
and a windows firewall rule "core networking - ip stack".
The rirewall rule allows any protocol, on any port and any
address. Translation: wide open.

The result will be lots of UDP traffic, presumably to
command and control centres.

The requirement that webpagetest agents run with admin
permissions and wide open browsers settings is no doubt
a huge security threat to the machine and the network it
sits on.

Less damaging, but still annoying is seeing the machine
being abused by rapid fire "tests" which are nothing more
than a means of driving up page views for small time
web sites showing banners and youtube videos.

So what can be done to secure a public instance to avoid
a repeat performance?

Find all posts by this user
Quote this message in a reply
Post Reply 

Messages In This Thread
public instance security and abuse - plumsauce - 11-02-2015 03:18 PM

Forum Jump:

User(s) browsing this thread: 1 Guest(s)