Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Looking for hacks and malware on dedicated host...
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Looking for hacks and malware on dedicated host... (Read 870 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33903
malware fighter
Looking for hacks and malware on dedicated host...
«
on:
May 16, 2018, 10:21:03 PM »
IDS alert because su-domain.
Where:
https://toolbar.netcraft.com/site_report?url=http://ps1.su
For what:
https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=ps1.su%2Findex.php&ref_sel=GSP2&ua_sel=ff&fs=1
Not safe connection - htxp://ps1.su.w3snoop.com/ On IP:
https://www.malwareurl.com/ip_listing.php?ASN=AS12876
Also found here:
http://www.the-haleys.com/chaley/ssh_dico_attack_hdeny_format.php/hostsdeny.txt
and also listed here:
https://github.com/firehol/blocklist-ipsets/blob/master/haley_ssh.ipset
Webserver extensive server info proliferation: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
File reb.js ->
https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=ps1.su%2Freb.js&ref_sel=GSP2&ua_sel=ff&fs=1
Brute Force Word Press abuse, -ps1.su/code/js/labels.120js could not be found. Status: fail:
https://retire.insecurity.today/#!/scan/df4d0ee43fe57c371fe9ccb1809c098d4ccae43acfdc2923e234981c80d75e82
See:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fps1.su
polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Looking for hacks and malware on dedicated host...