1
RiazShahid
Big questions on Xoops Security

I had been using XOOPS 2.0.17 since a long time. In the recent days it got attacked by some hackers. After several attempts of recovery I decided to install XOOPS latest stable release thinking, it might have better security.
I just installed XOOPS 2.4.4 in a fresh domain. Just after installation I got security warning
Trojan: JS/Gamburl.E
Perhaps its in XOOPS js file.
I am not too much expertise, what should I do? Does some one else had some sort of same issue?
Is XOOPS not secure? I think yes its not secure, so I am just going to leave it, should I?

2
Mamba
Re: Big questions on Xoops Security
  • 2010/3/29 0:58

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


Quote:
Just after installation I got security warning
Trojan: JS/Gamburl.E


How did you get this warning? Pointing to which file? What was the exact text?

Quote:
Is XOOPS not secure? I think yes its not secure, so I am just going to leave it, should I?


XOOPS is very secure, if installed correctly, and if using the Protector module. Otherwise you would be hearing constantly on the Web about XOOPS security flaws.

Of course, there is never a guarantee that a new way won't be found to break in, but as soon as we're aware of it, we fix any vulnerabilities.

Please also note that in many cases it was not the XOOPS itself, but the Apache server, that was used as entry point for the hacker.

See this info for more info about increased security.

3
RiazShahid
Re: Big questions on Xoops Security

I received that warning through Microsoft Security essentials Alert. It says detected items:
Trojan: JS/Gamburl.E
Items: file: C:\Users\....\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GAVVQM6V\xoops[1].js

And yes I am already using Protector module.

4
Mamba
Re: Big questions on Xoops Security
  • 2010/3/29 19:45

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


How did the file got there? Did you placed it there, or somebody uploaded it there?

It could be very much that your server is already compromised, i.e. the hacker has cracked your password, and can upload the files there anytime he wants. In such a case, regardless what new version of XOOPS you upload there, they will have the access to your Server.

You should change immediately all you passwords to the server, check the server logs, to see how the file got there...

Login

Who's Online

395 user(s) are online (247 user(s) are browsing Support Forums)


Members: 0


Guests: 395


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits