[Typo3] our webserver hacked, is typo3 the reason?

Matthew Manderson matthew at manderson.co.uk
Sat Apr 16 14:36:02 CEST 2005


Add tripwire to the server so next time you will have a nice record of what
changes were actually made if any.

If the server has actually been compromised, you are going to be left pretty
dumb as to what may have been left behind. 

Without before and after logs or without expert help you will remain pretty
clueless to what happened and how to repair and protect.

A few server vulnerabilities have already been pointed out to you.

>From what I understand the vast majority of breaks will come from known
server vulnerabilities and not from a TYPO3 vulnerability of which I have
not read of anything being broken into through TYPO3 that could not have
been protected through the obvious and well documented suggestions.

If you get dragged into a conversation blaming TYPO3 laugh at your sysadmin
and tell them to prove it. I doubt that will happen, if the sysadmin has
already identified the exact time he probably has the logs to start some
research, but of course, modern attacks will also fake log entries.

Enjoy,

Matthew



More information about the TYPO3-english mailing list