Forum OpenACS Q&A: Response to Security: Hacker sends Viruses

Posted by Don Baccus on
Can you be more clear as to what you mean by "get into your box"? Sounds like a bad line from an XFL broadcast...

Seriously, did they get shell access?

If not, and if you're not running Postmaster with -i and an externally visible IP, you should be OK regarding PG.

And if they didn't gain shell access AOLserver should be fine, too.

If they got shell access, they very likely got root access.  At least, you should presume they did.  Even if they didn't, the user account they logged in under might have access to PSQL and the database.  So in theory they might've gone in and played with database tables.

I rather doubt it, though.  One advantage of using relatively unknown AOLserver and PG (as compared to Apache and MySQL) is that your typical unskilled script kiddie won't know what they are or how to screw it up.

I'd be more worried about them having had root access and loaded a bunch of standard rootkit stuff with all sorts of goodies that let them take over your system whenever they want.