Wednesday, September 26, 2012

Re: spam scripts on vim.org

doak wrote:
> Hi,
>
> On 25.09.2012 23:00, John Beckett wrote:
>
>> But in reality, there is not enough spam to warrant any messing
>> around.
>>
> In my oponion this is not related to spam.
> As Marc Weber has already stated, I think it looks like an attack on the web server. As far as I understand the issue, the uploaded "jpeg" tests if an already injected file exists or it test if the execution of the php code works.
> As there were four (!) uploads of the same content, it looks like something else was tried and the result was tested again.
>
> I guess the uploaded content was only some stuff we noticed. The real issue could be undetected yet.
>
May I suggest that our hardworking moderators should check on .htaccess
files' timestamps/content (if any). Setting up a cron job to download
any and all .htaccess files from the server and insuring that their
contents haven't changed might be a fairly straightforward action.

Regards,
C Campbell

--
You received this message from the "vim_use" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

No comments: