Welcome to Bucaro TecHelp!

Bucaro TecHelp
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Victims of Sandy Hook

Stop the Slaughter of Innocents. Congress is bought and paid for by gun lunatics and gun promotion groups. If you want to live in a safe America, help buy Congress back for America. Send a donation to Mayors Against Illegal Guns, 909 Third Avenue, 15th Floor New York, NY 10022

Don't Let doors.txt Take Control of Your Email Server

If you have an email contact form on your Website and you have received a message which appears to contain random text and the file name doors.txt followed by some digits, your mail server is being probed for vulnerabilities by a hacker. An example of a possible message is shown below:

from: TgItsudES

subject: AZAhxBZAFcgjgFMAHeb

body: doors.txt;3;6

This seemingly random text is actually machine code that probes your email server for backdoors (unsecured ports) which the hacker can use to take control of it to send massive amounts of spam. The digits after doors.txt are parameters for the file doors.txt which is used to send information about any backdoor vulnerabilities in your email server back to the hacker.

Hopefully your mail server is administered by on-the-ball system administers who have secured all backdoors, but if you're not confident of that, you should have code in your email form that modifies any incoming messages. The text string in the subject and body of all incoming email messages should be modified by your email form code.

Code in your email form should break the text string and stuff characters in the string that you can easily filter out later. The inserted characters will cause the hacker's machine code to fail.

RSS Feed RSS Feed

Follow Stephen Bucaro Follow @Stephen Bucaro

Web Design Sections

WordPress Security

90% of business websites have been hacked in the last 12 months. This ebook gives you a complete checklist of things you can do to secure your website without hiring a pricey web developer.

Reader John M Stokes says, "This book is a great resource for security on Wordpress and also does it very quick without having to be a long and boring. Truly worth getting to make sure your Wordpress site is as safe as possible. Click here for more information.

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2017 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268