I installed DBman on my website last December. It took me a while to configure as I'm not an expert at this game. I was very pleased to see it working finally and it has been very useful to the members of my professional association who use it.
Just two days ago I went onto my site and found someone had hacked in and disabled the Bulletin Boards on the site. I was able to restore the systems after some work, and the hacker appears not to have done much other harm. I suppose I should consider myself lucky.
I checked the access/error logs on the site and could see the evidence this person left. Including his/her IP address.
I contacted my server supplier to ask for their help.
Imagine my surprise when they pointed out to me that the hacker had used the DBman perl script on my site to make his way in! I'm really angry that this software seems to be a backdoor through which people like this can enter my site. I'm thinking of deleting the script, as this is what my server customer reps recommend.
Is there a known weakness that is being exploited here? Can I do anything to stop this git before it happens again...I have to act fast obviously, I can't let him wreck this site.
Any advice would be welcome.
Just two days ago I went onto my site and found someone had hacked in and disabled the Bulletin Boards on the site. I was able to restore the systems after some work, and the hacker appears not to have done much other harm. I suppose I should consider myself lucky.
I checked the access/error logs on the site and could see the evidence this person left. Including his/her IP address.
I contacted my server supplier to ask for their help.
Imagine my surprise when they pointed out to me that the hacker had used the DBman perl script on my site to make his way in! I'm really angry that this software seems to be a backdoor through which people like this can enter my site. I'm thinking of deleting the script, as this is what my server customer reps recommend.
Is there a known weakness that is being exploited here? Can I do anything to stop this git before it happens again...I have to act fast obviously, I can't let him wreck this site.
Any advice would be welcome.