Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 6th September 2009, 17:46
nsansari nsansari is offline
Junior Member
 
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default My ISPConfig got hacked

I've been running this ISPConfig system for a few years couple of years now. It was build using the perfect setup guides. Current version is 2.2.18 and OS is Ubuntu gutsy 7.10.

I've had it running without any problems. However yesterday I was informed one of the website had been hacked. So tried to login to the server and could not login using root. Logged in using my own account and then changed the root password. Found out 3 websites in total had been hacked. index files had been replaced. Restored from backup.

I checked the logs and did see some thing called morpheus fu****g scanner mentioned.

I know I have not updated the system in a long time and will be looking to do this ASAP but for the time being any advice what should I do from this happening again. ? especially the worry is how did they manage to change the root password ?

I am no expert on linux and this was my first and only project with it so please bear with me.

Thanks in advance.
Reply With Quote
Sponsored Links
  #2  
Old 7th September 2009, 13:01
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
 
Default

I guess this has nothing to do with ISPConfig, but with leaks in your web applications.

The safest thing to do would be to set the system up again from scratch because you never know what else the hackers changed.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPconfig setup - DNS, router and general access problems ingvar Installation/Configuration 6 31st July 2010 13:13
Server Hacked ispconfig leak? clandistwood General 11 4th May 2010 10:28
Install a Comodo InstantSSL Certificate for ISPconfig Apache, Postfix, Imap & Pop gwa7 Installation/Configuration 0 10th April 2009 04:54
ISPConfig 2.3.1-dev released till General 0 8th May 2006 22:18
SP-Server Setup - Ubuntu 5.10 "Breezy Badger" - Page 6 (changes) LuisC-SM HOWTO-Related Questions 0 21st April 2006 15:16


All times are GMT +2. The time now is 19:15.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.