Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 21st April 2006, 17:34
MvincM MvincM is offline
Join Date: Apr 2006
Posts: 62
Thanks: 1
Thanked 4 Times in 2 Posts
Default Are there any security bugs?


Maybe it is coincidence but...

After installling ISP my server was hacked. Server was update regulary and for at least 1 yesr everything was ok (no bad guys).

And suddenly afert installing ISP server get hacked.

Are you know some security hole? What happened? Any ideas?

Thanks in advanced!

Best regards,
Reply With Quote
Sponsored Links
Old 21st April 2006, 18:13
falko falko is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts

There are no known security bugs in ISPConfig.
Did you change the ISPConfig admin password immediately after installation?
Do you know how you got hacked?
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Old 21st April 2006, 18:33
MvincM MvincM is offline
Join Date: Apr 2006
Posts: 62
Thanks: 1
Thanked 4 Times in 2 Posts

Yes. I did

They (he) log in to my server from:

user-12hdje2.cable.mindspring.com (but it could be fake)

reboot server and change my root password - so now I can't even login to root account and trace them and search for rootkit or sth... Server stay in Datacenter...

I have shell access but only for normal user...

"last" command display:

root pts/0 user-12hdje2.cab Fri Apr 21 03:08 - 03:08 (00:00)
root pts/0 Fri Apr 21 03:05 - 03:05 (00:00)
reboot system boot 2.6.8-3-686 Fri Apr 21 02:44 (14:46)

I can't figure out how they do that... I'm preaty sure I don't have any keylogger on my PC so I don't know...

Any ideas???

Best regards,
Reply With Quote
Old 21st April 2006, 18:54
MvincM MvincM is offline
Join Date: Apr 2006
Posts: 62
Thanks: 1
Thanked 4 Times in 2 Posts


Just imagine !!! that Datacenter staff reboot my server, change my root password from console (in single mode) - not saveing the previous one.

All these things were made without informing the client (me) !!!

I have inform them about server hacking and then they remind to inform me about all this mess... In my opinion something is wrong with customer care in this company...

Thanks a lot for your interesting.

End of Topic.

Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Anything Security Related sbovisjb1 Forum Suggestions 2 6th April 2006 17:55
ISPConfig Security - Firewall cybereatl Installation/Configuration 5 2nd April 2006 18:02
Possible security problem bjmg General 2 15th March 2006 19:33
Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAs ebbay Installation/Configuration 9 4th March 2006 12:47
ProFTPD potential security hole domino Server Operation 3 19th August 2005 04:25

All times are GMT +2. The time now is 01:09.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.