I have a real problem with invasion and installing of bots for phishing on one of my servers. Due to this, it is listed in
several blacklists. Some details:
1) It is a Linux Centos Server, running Apache (version [url removed, login to view]), Sendmail (version 8.13.1), PHP4. It is something
old, and probably on next month we will be moving to a new one, with Postfix, PHP5, etc. But I have serious
problems to solve right now and can't wait.
2) It is basically a Domains Server, but it still has some mailboxes, which I am moving, on this next weekend, to
another Server, securer and running Postfix. So on next Monday it will have just Domains, no mailboxes.
3) Its Domains (hundreds) all have forms. These thousands of forms use an old Perl CGI Script (see attached files)
which has been modified along the time to add some security, but I think this has not been enough. This Script
resides at system cgi-bin directory or at some of the Domains' cgi-local directories.
4) My /var/log/maillog file is very strange, see a portion of it also in attachment. It covers today, Apr 7, just from 7am to 9am, that is, 2 early hours in the morning, a period when this Server normally never shows heavy activity.
5) At any time of the day or the night, this maillog file shows a very strong sendmail activity, as if this Server had
hundreds and hundreds of mailboxes. I assure: this Server's existing mailboxes are not enough to generate a so
intensive activity. This must be someone else using the Server for spamming, and I need to stop them.
What I need with this Bid request is in the doc attached.
1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.
2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):
a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.
b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
Linux Server, running, Centos, Apache, Sendmail, PHP.