|
|
|
|
|
|
by MayIHaveAnother
4263 days ago
|
|
|
A very common attack vector is through installed web applications. Especially if you run wordpress with a lot of plugins installed, be sure to enable correct read/write settings for /var/www, and update your application frequently. Malicious entities runs 24/7 scans towards indexed URL's attempting to exploit various vulnerabilities, and many of the vulnerabilities allows remote code execution, upload of php files etc. This can be used to upload malicious code, simple php-webshells, and then your VPS is suddenly a part of a DDoS/Scanning network. Exploited Wordpress sites are a problem, Zeus/Zbot-Trojan is often seen downloading updates/configs from these, and they are also often used to redirect users to Exploit Kits. |
|
|
Not installed either yet (LMD could really use some .deb packages) but could be a useful alternative to Tripwire