it does seem to indicate that the servers are running windows
so why any "professional" would choose Ubuntu over those two for a production server is a genuine mystery, but here we are.
Yeah, I pointed that one out too. I would be running shit on BSD, or Solaris. That's just my own taste. Either way I would be using a build env, and a live environment. Live would have a restricted kernel, and be a binary only environment. At the very most I would use Debian over Ubuntu, Ubuntu just makes me think that someone has a desktop environment on a server, and if that is the case I would be pointing at that and saying "There's your problem mate". It's all a bit academic though as we are devoid of clue.
I suppose it's also possible Apache has been configured to advertise a false OS in the banner. This was something people used to do to try to be smart around the early 2000s.
Yeah I thought that but the version number does make sense for the latest version of Ubuntu. I don't see a windoze user obfuscating their server arch with something that current. It's usually an idea that comes to an admin, and then once it is set they forget about it. The only question we both would be asking in unison now is "Why hasn't it been changed for something older to throw the l33t h4x0rz off the scent?" Never mind.. There do seem to be some active vulns in that version of Apache, I hope he's been good Mr Patch, or at least doing some apt-get upgrades.
As for malware, it's just a general term for any malicious software that hits any system, Windows or otherwise.
I guess... Though malware is usually a term for user level stuff... What is anything executable and not part of the core being allowed to be anywhere near it? It's the whole point of having things run under their own accounts. I am just puzzling my brain as to how an SQL/Apache app gets itself in a position to be affected by something in what is in effect a shared directory... Maybe I am misunderstanding things here. I am not familiar with the whole Amazon system you referred to. The whole thing sounds like something got executed that was hiding as a jpg. The server side stuff doesn't do anything with the images other than open a data stream, it's client side stuff that displays them, and allows execution. An executable hiding as an image is just not something a server would do anything with other than say "here is your packets of jpg goodness". Do you get what I mean?
I get what you mean about a badly configured server, but you would have to fuck it up so badly that I really don't think you would find it. It defo wouldn't be something that would intermittently start chugging on the servers in the way it seems to have done... Though, if it is an image that is called periodically I guess it could be an issue.
I do think we are debating something we have no hope of knowing an answer to, and I feel we are dick waving our l33t h4x0r ski11z in the face of AS-NS...
I think we have both checked out as >Kiddyscriptorz.
Oh Windows is a great choice for internal servers. I used to do some godlike goodness with RDP back in the day. It's a pretty good office, and business system, though it is way overly complicated on many things. Having said that again I am way out of date. Last time I had my mitts on a Windows server it was win 2008. I really have a lot to catch up on as far as the learning curve goes.
I keep trying to persuade myself to swot up again, and get back into all this as a job again, but I just have so many bad memories of fucking clueless clients, and more clueless fucking suppliers. I lost the love of it when I got to the point where I was dealing with large companies that paid me vast sums of money to manage things for them, but they kept insisting that things worked the way they thought it should.
I did a lot of work for the Windows, in office environment companies that needed a toughened internet presence, and email solution, and they insisted everything was my fault, and just could not get it into their heads that I understood EXACTLY what the processes were that something went through, so "losing an email" was just not something my system could do, let alone lose them on and off periodically from the same user. Unix stuff gives you a certainty about things, whereas Windows it's all hidden in pretty directories with a billion different permissions and.. Well you know. They just thought my certainty on things was arrogance, and bravado, they just couldn't get it into their heads that I actually KNEW what I was talking about, and that all the cleverness were scripts I wrote myself that ran from a command line or were dealt with by a config, and the logging allowed me to trace every damn bit of data from DNS query to client packet acknowledgement, ain't no data going fucking missing..
Anyway I get the idea you are talking about, I would like to argue my logic, but I don't have nearly enough data or confidence that something hasn't changed since I was a god at this to be able to say anything much other than "Doesn't sound right".
LordGrep said: I feel we are dick waving our l33t h4x0r ski11z in the face of AS-NS... I think we have both checked out as >Kiddyscriptorz.