Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th October 2008, 10:04
vicboy vicboy is offline
Junior Member
 
Join Date: Jun 2007
Location: Girona & Vic, Spain
Posts: 7
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to vicboy Send a message via Skype™ to vicboy
Question 2 q's: post-install & doubt about web ID

Hi everyone.

Last thursday I updated some of my servers' ISPconfig from 2.2.25 to 2.2.26. It seems that everything worked fine. But one of them needed to be restarted yesterday; and when we've done that, the server stopped booting. The problem was that the file /sbin/hwclock was changed (not damaged; before it was a compiled file; and after the install we found a .sh script). We needed to replace the file again. The last modified timestamp of the "bad" file was 2th Oct at the time when I updated ISPConfig. I've looked for information in docs, but I couldn't find anything about modifying this file on FC7. Could somebody tell me if there's any reason for ISPConfig to change that? Or may I look for some kind of "attack" or other kind of problems?

The second question: I've installed ISPConfig in one of my servers in order to manage some websites; but when I created two or three of them; I wanted to use it as a backup-server; replicating via rsync the files from another server. Well, I just wanted to know if, without reinstalling, I can change the ID of the three websites I've already created in order to mantain the IDs from the server I want to backup/replicate. I mean: by now I have web1, web2 and web3. And I would like to "rename them" (and his databases) to web40, web41 and web42 (for example). Is there any way I can do it safely?

Thank you very much!
Reply With Quote
Sponsored Links
  #2  
Old 5th October 2008, 12:42
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,453
Thanks: 813
Thanked 5,222 Times in 4,092 Posts
Default

I'am pretty sure that ISPConfig did not change that as ISPConfig does not interact with the hwclock. You should check your server with e.g. rkhunter for rootkits.

To your seecond question. Renaming of the ID's will mess up the database. Better to uninstall ISPConfig by running /root/ispconfig/uninstall and then reinstall it again.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 5th October 2008, 13:16
vicboy vicboy is offline
Junior Member
 
Join Date: Jun 2007
Location: Girona & Vic, Spain
Posts: 7
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to vicboy Send a message via Skype™ to vicboy
Thumbs up

Thank you very much, till. I just wanted to make sure before getting worried. By now I think I must worry about that! I'll try to look for rootkits in the server.

About the second question, that's what I thought, but I got he first question so I used the same post to try
Reply With Quote
  #4  
Old 5th October 2008, 13:29
vicboy vicboy is offline
Junior Member
 
Join Date: Jun 2007
Location: Girona & Vic, Spain
Posts: 7
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to vicboy Send a message via Skype™ to vicboy
Default Scan shows no infected files

These are the results of the scan with rkhunter (as found in http://www.howtoforge.com/faq/1_38_en.html):

---------------------------- Scan results ----------------------------

MD5
MD5 compared: 0
Incorrect MD5 checksums: 0

File scan
Scanned files: 342
Possible infected files: 0

Application scan
Vulnerable applications: 0

Scanning took 40 seconds


It only told me that there's possible to login as root via SSH (ssh2; and it is necessary because the server is physically far from me; and we have denyhosts installed and look into the ssh logs regularly).

It also told me that I should watch out a file:

Scanning for hidden files... [ Warning! ]
---------------
/dev/.udev /etc/.pwd.lock
---------------
Please inspect: /dev/.udev (directory)

I0'll go on looking for what could be the problem...

Thank you again (just wanted to doc everything here for if someone needed...)
Reply With Quote
  #5  
Old 5th October 2008, 13:50
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,453
Thanks: 813
Thanked 5,222 Times in 4,092 Posts
 
Default

Quote:
It also told me that I should watch out a file:

Scanning for hidden files... [ Warning! ]
---------------
/dev/.udev /etc/.pwd.lock
---------------
Please inspect: /dev/.udev (directory)
If I remember correctly I have seen this warning on several systems, so I guess its a false positive.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Tags
2.2.26, installation, rename

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
New ISPConfig Install nubtool Installation/Configuration 15 18th May 2008 16:46
Create your own install disk mphayesuk Installation/Configuration 4 28th February 2008 19:46
Egroupware install bernholdt General 3 24th February 2008 14:28
email not working anymore oddo General 2 13th February 2008 17:54
Post GUI install willebanks Installation/Configuration 2 11th February 2008 16:51


All times are GMT +2. The time now is 16:43.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.