From: Stephen H. <ho...@bu...> - 2013-03-14 14:17:50
|
To diff they would have to be on the same box, or nfs mounted to appear to be on the same box. -----Original Message----- From: Katharina Wolkwitz [mailto:wol...@fh...] Sent: Thursday, March 14, 2013 10:05 AM Cc: vuf...@li... Subject: Re: [VuFind-General] Vufind 1.4 server with overnight-amnesia Hi Stephen, I'm not quite sure, how to do the diff-command over to different servers. Can you point me to a how-to? The servers can talk to each other via ssh if that would help btw. The sitecheck.sucuri.net/scanner/ gave both servers a "clean bill of health" which is a bit promising, I think/hope. :-) I've bookmarked the link. :-) Thanks for all the tipps! Kate Am 14.03.2013 14:36 schrieb Stephen Hovey: > Well.. in the case of the site I had.. urls never directly called a file > with a php extension.. so I looked thru the apache logs for calls to files ending .php > > I also compared the live directory structure with a copy of the distribution version (it was an open source cms) to see which files shouldn't be there, and which weren't standard any more. > > If you have a backup copy in one place and live copy on another, on linux a command to do this would be: > diff -qr /pathtolive/ /pathtogoodbackup/ > > > I also scanned my own site using this site's tool > > http://sitecheck.sucuri.net/scanner/ > > It's how I located a poisoned javascript file. > > -----Original Message----- > From: Katharina Wolkwitz [mailto:wol...@fh...] > Sent: Thursday, March 14, 2013 9:28 AM > To: vuf...@li... > Subject: Re: [VuFind-General] Vufind 1.4 server with overnight-amnesia > > Am 13.03.2013 17:51 schrieb Stephen Hovey: >> I would check for signs of hacking.. I had a web site once that got hacked, > and the only reason I noted it right away is that the site broke for a short > period, then suddenly worked again.. The hacker broke it then fixed it, adding > his extra payload. > > Horryfiyng thought... > How would I look for signs of hacking? > > Well - one thing I finally got around to is switch on the firewall, which now > only allows the following: HTTP, HTTPS, SVNserve and TCP-Port-22 (in combination > with a list of IPs in the /etc/hosts.allow-file). > > I guess I'd need to analyse the (Apache-)logs for (outgoing) traffic that > shouldn't be there. > Can you recommend a good and especially easy to install, configure, understand > (!!!) and use tool? > > As you can easily guess from the above I'm not a very well versed server > administrator, especially when network-security-issues are concerned. > > Kate ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ VuFind-General mailing list VuF...@li... https://lists.sourceforge.net/lists/listinfo/vufind-general The Buffalo & Erie County Public Library System has more than 2.6 million materials available for borrowing including books, eBooks, DVDs, music and more. Free library card applications can be downloaded and taken to any of the 37- local public libraries for processing. A valid form of identification and proof of address is necessary. For more information call 716-858-8900 or visit www.BuffaloLib.org . |