Thread: Hacked!!!
View Single Post
  #10  
Old 2nd March 2010, 08:44
SamTzu SamTzu is offline
HowtoForge Supporter
 
Join Date: Apr 2007
Location: Helsinki
Posts: 426
Thanks: 33
Thanked 55 Times in 38 Posts
Send a message via Skype™ to SamTzu
Default

Nope.

As I said before...
What I'm really worried about is that 2 of the 7 hacked servers had almost no installed services and no other users.
(No Email or FTP service installed.)

That points the vulnerability (if there is one) to either Debian/Ubuntu LAMP or ISPConfig.

Either way it's not good.
We are still working on weather it was a weak password or a vulnerability.
What's worse is that it looks like a 'script kiddie' type of hack. They were not too clever in covering their tracks.
Missing cron jobs and history are pretty obvious clues.
If this is a vulnerability it means that this vulnerability is easily available.
__________________

Sami Mattila
Internet-Content

Telephone:
00358942833310
Email: firstname.lastname@internet-content.org
Shop: http://shop.internet-content.net
Site: http://www.internet-content.net
Blog: http://www.internet-content.net/en/blog
FB: https://www.facebook.com/internetcontent


Last edited by SamTzu; 2nd March 2010 at 08:50.
Reply With Quote