Ok. If hacker have ftp access he can execute php or cgi pearl script and after that he have all access to all /var/www folders.
How it can be?
If you have ISPConfig2(Perfect server install) with final updates and ubuntu with final updates.
P.S. ispconfig user have shell with /bin/false or with /dev/null
And "ispconfigend" user - it is ispconfig user? I have this user.
Last edited by Captain; 22nd December 2010 at 21:52.