Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 15th October 2010, 10:03
burek burek is offline
Junior Member
 
Join Date: Oct 2010
Posts: 7
Thanks: 2
Thanked 2 Times in 1 Post
Thumbs up How to change all passwords, after suspected hack?

Hi,

First of all, let me say this is the great product you are developing and thank you all guys for your effort with all this.

Now, I've installed the ISPConfig 3, upgraded it to the latest version (3.0.3) and everything was working fine, until I've realized someone has been changing stuff (probably because several people knew the root password for shell).

I've decided to change ALL passwords, that would be:
1. root shell password
2. mysql root password
3. admin password for ispconfig control panel
4. mysql password for "ispconfig" user

The first 3 changes were done easily, but the number 4 gave me headaches.. I had to do a grep for the old password (searching by file contents on entire disk..) to be able to find all files that contain this password and I'm still not sure if I've changed all of them (because the grep command was working more than 24h and still wasn't finished and I had to stop it).

So, I've got a question and a suggestion. The question is: Is there any easy (preffered) way to change the password number 4?
The suggestion is to put this password into ISPConfig's config file only. Or to put it into a single isolated file, which will be just included by all the other files, that need this password.

Cheers.
__________________
www.gusari.org
www.berzaposlova.rs
Reply With Quote
Sponsored Links
  #2  
Old 15th October 2010, 11:42
giftsnake giftsnake is offline
Senior Member
 
Join Date: Jan 2009
Posts: 108
Thanks: 15
Thanked 9 Times in 8 Posts
Default

try
Code:
/usr/local/ispconfig/server/lib/mysql_clientdb.conf
Reply With Quote
  #3  
Old 15th October 2010, 11:44
burek burek is offline
Junior Member
 
Join Date: Oct 2010
Posts: 7
Thanks: 2
Thanked 2 Times in 1 Post
Default

Quote:
Originally Posted by giftsnake View Post
try
Code:
/usr/local/ispconfig/server/lib/mysql_clientdb.conf
Thanks for the help giftsnake. But I think you are reffering to the mysql 'root' password and not the mysql 'ispconfig' password (number 4 in the list).
__________________
www.gusari.org
www.berzaposlova.rs
Reply With Quote
  #4  
Old 15th October 2010, 12:01
yoplait yoplait is offline
Senior Member
 
Join Date: Dec 2009
Posts: 142
Thanks: 48
Thanked 12 Times in 10 Posts
Default

It isn't in mysql also ?
By using phpmyadmin, for example, and change de user ispconfigdb password ?
Reply With Quote
  #5  
Old 15th October 2010, 13:15
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,216 Times in 4,089 Posts
Default

The password of the ispconfig user is in a lot of files as it is used by many services to connect to mysql. The exact locations of the files may vary depending on the Linux distrubution.

/usr/local/ispconfig/server/lib/config.inc.php
/usr/local/ispconfig/interface/lib/config.inc.php
The files with mysql in the name in the /etc/postfix/ directory
The sql file in the /etc/pure-ftpd directory.
The mydns.conf file in /etc/ or /etc/mydns/ if you use mydns on that server.
The courier authdameon file in /etc/courier or the dovecot sql file in /etc/dovecot.
The amavisd.conf file or 50-user file of avamisd in /etc/amavisd/ or a subdirectory of it.
The pam_smtp file in /etc/pam.d/ if you use courier.
The vlogger-dbi configuration file in /etc
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.

Last edited by till; 16th October 2010 at 11:33.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
burek (16th October 2010)
  #6  
Old 16th October 2010, 10:34
burek burek is offline
Junior Member
 
Join Date: Oct 2010
Posts: 7
Thanks: 2
Thanked 2 Times in 1 Post
 
Thumbs up

Quote:
Originally Posted by till View Post
The password of the ispconfig user is in a lot of files as it is sued by many services to connect to mysql. The exact locations of the files may vary depending on the Linux distrubution.

/usr/local/ispconfig/server/lib/config.inc.php
/usr/local/ispconfig/interface/lib/config.inc.php
The files with mysql in the name in the /etc/postfix/ directory
The sql file in the /etc/pure-ftpd directory.
The mydns.conf file in /etc/ or /etc/mydns/ if you use mydns on that server.
The courier authdameon file in /etc/courier or the dovecot sql file in /etc/dovecot.
The amavisd.conf file or 50-user file of avamisd in /etc/amavisd/ or a subdirectory of it.
The pam_smtp file in /etc/pam.d/ if you use courier.
The vlogger-dbi configuration file in /etc

Yes, that's what I needed. Thanks a lot.
__________________
www.gusari.org
www.berzaposlova.rs
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Update to 2.2.32 and cannot change mail passwords jayd Installation/Configuration 2 30th May 2009 16:40
Hack: change Database prefix to domain name nilsk Tips/Tricks/Mods 7 8th March 2009 14:21
change passwords dayjahone Installation/Configuration 10 28th September 2008 13:47
Courier - How To Change Mailuser Passwords asyadiqin Server Operation 4 8th April 2008 10:18
Samba as a PDC HOWTO - Change clients passwords linuxmad HOWTO-Related Questions 6 10th May 2006 16:25


All times are GMT +2. The time now is 04:29.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.