Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 6th September 2009, 18:46
nsansari nsansari is offline
Junior Member
Join Date: Mar 2009
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default My ISPConfig got hacked

I've been running this ISPConfig system for a few years couple of years now. It was build using the perfect setup guides. Current version is 2.2.18 and OS is Ubuntu gutsy 7.10.

I've had it running without any problems. However yesterday I was informed one of the website had been hacked. So tried to login to the server and could not login using root. Logged in using my own account and then changed the root password. Found out 3 websites in total had been hacked. index files had been replaced. Restored from backup.

I checked the logs and did see some thing called morpheus fu****g scanner mentioned.

I know I have not updated the system in a long time and will be looking to do this ASAP but for the time being any advice what should I do from this happening again. ? especially the worry is how did they manage to change the root password ?

I am no expert on linux and this was my first and only project with it so please bear with me.

Thanks in advance.
Reply With Quote
Sponsored Links
Old 7th September 2009, 14:01
falko falko is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts

I guess this has nothing to do with ISPConfig, but with leaks in your web applications.

The safest thing to do would be to set the system up again from scratch because you never know what else the hackers changed.
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPconfig setup - DNS, router and general access problems ingvar Installation/Configuration 6 31st July 2010 14:13
Server Hacked ispconfig leak? clandistwood General 11 4th May 2010 11:28
Install a Comodo InstantSSL Certificate for ISPconfig Apache, Postfix, Imap & Pop gwa7 Installation/Configuration 0 10th April 2009 05:54
ISPConfig 2.3.1-dev released till General 0 8th May 2006 23:18
SP-Server Setup - Ubuntu 5.10 "Breezy Badger" - Page 6 (changes) LuisC-SM HOWTO-Related Questions 0 21st April 2006 16:16

All times are GMT +2. The time now is 13:44.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.