Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 23rd October 2009, 23:51
diego diego is offline
Junior Member
 
Join Date: May 2009
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Exclamation Perfect Setup Debian Lenny not so perfect for me

Hi!

I just wanted to give some feedback on 2 installations I did 2 months ago with the perfect setup Debian Lenny + ISPConfig 3 (1 Master, 1 Slave).

The installation itself was easy and painless, but now the first installation Lenny + ISPConfig 3 was hacked and was used for Paypal Phishing attempts. I do not know how they did it, as the server is currently offline (my hoster had to do this, firefox even reports my server as a phishing server ). The installation was 100 % Standard, no mods on my side. So, there is some security issue somewhere.

The second installation also went fine, but I recognized heavy traffic (300 MB / hour) without any special software installed. After some debugging I recognized that on the standard-install, apache2 is configured for ProxyRequests and some spammers used my machine for that. After shutting that down, the traffic went back to normal. Maybe this should be mentioned and addressed in the tutorial.

One thing which should also be addressed is, that at the time of my installation the latest phpmyadmin-packages for debian which you download with apt-get had a security-problem regarding the config-file, as after installation the cookie-based authentication (needed by ispconfig) got changed to user-based in the config-file (there are posts about this on the inet, as this broke the ispconfig3 authentication).
Again, this should be addressed or at least mentioned in the perfect setups.

Keep on the good work,
Diego
Reply With Quote
Sponsored Links
  #2  
Old 24th October 2009, 10:07
damir damir is offline
Senior Member
 
Join Date: Jun 2006
Posts: 375
Thanks: 11
Thanked 51 Times in 42 Posts
Default

Perfect Howtos are perfect in installation but not in security, you should be aware of hardening the system after the default installation. There is a lot of work to be done to make a system secure. But even if you have a secure system, if it's not updated and if you do not have some kind of monitoring it gonna be hacked soon or later.

Ispconfig 3 is just a script that controls the services, those services needs to be secured by you.

Regarding phpmyadmin, you should always install it as separate site, because like i said you are the sysadmin and it's your job to follow at least two security related sites, phpmyadmin hole was announced and was patched immediately by me because it was on separate site, and i don't wanted to wait for debian team to release the patch.

Than you have all these web apps that are constantly targeted as soon a security hole is exposed. This is something that with the help of ISPConfig and you can be isolated to a minimum of damage.
Reply With Quote
  #3  
Old 24th October 2009, 12:08
diego diego is offline
Junior Member
 
Join Date: May 2009
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default Howtos or Suggestions

Hi!

Thank you damir for your response.

Are there any howto's on securing an ISPconfig-based installation? Would be nice to get some background knowledge about the security holes and the neccessary steps to avoid any pitfalls.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[debian 5 + ispconfig 3] Unable to send mail tanakskool HOWTO-Related Questions 6 4th November 2009 18:20
Question about The perfect setup (Debian) Hans HOWTO-Related Questions 2 17th July 2008 17:18
The Perfect Setup - Debian Woody (3.0)... sending mail from my XP box? ExCIA HOWTO-Related Questions 17 27th June 2007 18:31
The Perfect Setup - Debian Sarge (3.1) Praude HOWTO-Related Questions 6 5th March 2006 02:15
e-mail problem!!! Debian 3.1 maroonworks Installation/Configuration 18 6th December 2005 14:42


All times are GMT +2. The time now is 05:20.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.