Your IP Communications Biz is Up and Running and Ping! Malware Arrives

What to do?

1. Take the site offline, and replace it with an "under maintenance" page.
2. Work out how the malware got there. The most recent was via an SQL injection vulnerability (HP(?) produce a useful scanner for these); another was down to an unpatched underlying operating system.
3. If it's an OS hole, plug it.
4. Restore the site and data from a recent, uncorrupted backup.
5. If it's a hole in the site, plug it.
6. Test.
7. Put it back live.
8. Subscribe to a service that will notify you of changes to the site, and take note of unexpected ones.

Various things not to do:
1. Leave it live while you try to work out how to fix it. It's much easier to get on to Google's list of malware-infested sites than off it.
2. Restore from backup and/or eliminate the malware from the site without diagnosing and fixing the vulnerability in the hope that it won't come back. It will.
