I know, this is a special section and I am not the programmer or the Linux expert you are looking for but… here is my story against a spammer!
When I was more or less 18 I had a dream: to write good books and… well, that story you all know. It’s a long way and we’ve created Yareah Magazine for many reasons that I won’t explain here for time reasons. Three months ago, and because of the visits and a bad company, we had to change to a private server in NYC to continue with the magazine. We have more visits now but we needed something important: a Linux expert. Most private servers use Linux to work (it works great, there’s no complaint about this new server) but a private server is… how to express it? Well, you need computing studies to manage the command line prompt. I knew Linux and I used it when I was 20, even compiling the sources in the Gentoo distro (if you don’t know, Linux has many distributions, you can choose which you like).
I created the server with Apache, Postfix, Bind-9 (this is a domain name server) and, when I had it, I had to call a real PC expert who tried to help me. He didn’t find the solution by himself but, together, we could get the server up that afternoon. Things were good for two months. I could even write some articles for the magazine and I thought my life would be like a writer’s life (I mean: write to 9, whiskey every night and get back again and again) but no… You find a real problem when you have a dedicated server: there are many malicious characters out there and I’m not talking about a Dickens tale.
A script is a little program with orders (remember, I’m not an expert; if you are, you can call me, no offense) that can execute like a loop, and this is exactly what this happy character did. The server advised me that my server was sending phishing (putting it simply: spam, undesired emails) to many institutions and websites. But when I talk about spam you may imagine ten… maybe twenty emails. No, I am talking about this: in the first three hours of the infection, my server had collapsed and I had one partition full (this is to prevent precisely this).
If you are in the same frame of mind as me:
1.- Immediately stop the email server (postfix in my case, you know: /etc/init.d/postfix stop) and this will prevent it from continuing to send email. I am writing this calmly, but take notice that when I received the complaints I began to get crazy, thinking about jail, FBI and stupid things like those. This is important: stop postfix (or exim4, the default email server in Debian; I had to change it).
2.- (Very important): Calm, calm, calm. If you aren’t an expert, it doesn’t matter. Actually, the jails are comfortable places and you can even survive for two or… even three years!
3.- There is a program called maldet. I love it. In ten minutes it found the error and deleted it. It’s very easy to install from the command prompt. Here is how to install it via SSH: http://www.hostingdiscussion.com/essential-software-control-panels/28710-how-install-maldet.html
4.- Clean the server. I am still not sure if I need to clean the server or I need to keep the data. It’s a legal issue. I recommend you find out about it if you have the same problem.
5.- WordPress CHMOD. Very important. I was attacked because I had a misconfiguration in my permissions. Then, the hacker (or whatever you can call it) introduced malicious code into my server and the PHP code began to execute and created the chaos. 664 for files, 775 for folders, as far as I can remember. (Check it first, please).
6.- If you are not a Linux expert and your site is little… continue with your life. I don’t like these kinds of messes. I have begun to hate computers since then.
7.- Check the postfix permissions and configure it correctly. My second fault was there. There are many great guides on the web.
8.- Check that you have installed and configured ClamAV and SpamAssassin. They are very important.
9.- Read Yareah Magazine. It won’t help you in your inter-galactic fighting but… I promise it’s much funnier than Linux programming.
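For step 5, here is a way to check a WordPress directory against the 664/775 modes mentioned there. This is an added example, not part of the original post; the function names are made up for illustration and it assumes GNU find on Linux.

```shell
#!/bin/sh
# Added example: audit a WordPress tree against the modes from step 5
# (664 for files, 775 for directories). Assumes GNU find (-perm /MASK, -printf).
# Function names are hypothetical. Paths containing newlines are not handled.

# List every file with a bit outside 664 (or setuid/setgid) and every
# directory that is world-writable. Output: "<octal mode> <f|d> <path>".
wp_perm_audit() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }
    # 6113 = setuid + setgid + the bits 664 does not allow
    # (execute for anyone, write for "other").
    find "$root" -type f -perm /6113 -printf '%m f %p\n'
    # 0002 = the only ordinary bit 775 does not allow (write for "other").
    find "$root" -type d -perm /0002 -printf '%m d %p\n'
}

# Number of findings, handy for a cron job or monitoring check.
wp_perm_count() {
    wp_perm_audit "$1" | wc -l | tr -d ' '
}

# Remove only the offending bits. This never loosens a file that is already
# stricter than 664/775 (for example a 600 wp-config.php is left alone).
wp_perm_fix() {
    root=$1
    [ -d "$root" ] || return 2
    find "$root" -type f -perm /6113 -exec chmod a-x,o-w,ug-s {} +
    find "$root" -type d -perm /0002 -exec chmod o-w {} +
}

# When run as a script with a path argument, only report; fixing is a
# separate, deliberate call to wp_perm_fix.
if [ -n "${1:-}" ]; then
    wp_perm_audit "$1"
fi
```

Run the audit first and read the list before calling wp_perm_fix, since a plugin or the web server user may depend on a mode the audit flags.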
Have a great day, YM friends!
NOTE: I know everybody loves hackers because they are cool and Lisbeth Salander is great. I’m just talking about a spammer.