On Tue, 01 Oct 2013 16:42:31 +0300, Νίκος wrote: > Στις 1/10/2013 4:27 μμ, ο/η Chris “Kwpolska” Warrick έγραψε: >> On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr...@gmail.com> wrote: >>> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε: >>>> >>>> On 01/10/2013 10:58, Νίκος wrote: >>>>> >>>>> Just logged in via FTP to my server and i saw an uploade file named >>>>> "Warnign html" >>>>> >>>>> Contents were: >>>>> >>>>> WARNING >>>>> >>>>> I am incompetent. Do not hire me! >>>>> >>>>> Question: >>>>> >>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON >>>>> MY ACCOUNT? >>>>> >>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY >>>>> RISK. >>>>> >>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY >>>>> MAIN PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?! >>>> >>>> >>>> Would you please stop posting, I've almost burst my stomach laughing >>>> at this. You definetely have a ready made career writing comedy. >>> >>> >>> Okey smartass, >>> >>> Try to do it again, if you be successfull again i'll even congratulate >>> you myself. >>> >>> -- >>> https://mail.python.org/mailman/listinfo/python-list >> >> It looks like you are accusing someone of doing something without any >> proof whatsoever. Would you like help with the fallout of the lawsuit >> that I hope Mark might (should!) come up with?i'am >> >> Speaking of “try again”, I doubt it would be hard… As long as a FTP >> daemon is running somewhere (and you clearly do not know better); or >> even you have a SSH daemon and you do not know better, an attacker can: >> >> a) wait for you to publish your password yet again; >> b) get you to download an exploit/keylogger/whatever; >> c) brute-force. >> >> Well, considering it’s unlikely you actually have a long-as-shit >> password, (c) is the best option. Unless your password is very long, >> in which case is not. >> >> I’m also wondering what language your password is in. If you actually >> used a Greek phrase, how long will it take you to get locked out due to >> encoding bullshit? > > Like i use grek letter for my passwords or like i'am gonna fall for any > of your 3 dumbass reasons. > > I already foudn the weakness and corrected it.
i hope whoever is taking on your roll has a better basic understating of programming & systems administration. good luck with you new career -- This place just isn't big enough for all of us. We've got to find a way off this planet. -- https://mail.python.org/mailman/listinfo/python-list
