Hi, Maybe it is coincidence but... After installling ISP my server was hacked. Server was update regulary and for at least 1 yesr everything was ok (no bad guys). And suddenly afert installing ISP server get hacked. Are you know some security hole? What happened? Any ideas? Thanks in advanced! Best regards, MvincM
There are no known security bugs in ISPConfig. Did you change the ISPConfig admin password immediately after installation? Do you know how you got hacked?
Yes. I did They (he) log in to my server from: user-12hdje2.cable.mindspring.com (but it could be fake) reboot server and change my root password - so now I can't even login to root account and trace them and search for rootkit or sth... Server stay in Datacenter... I have shell access but only for normal user... "last" command display: root pts/0 user-12hdje2.cab Fri Apr 21 03:08 - 03:08 (00:00) root pts/0 205.209.190.19 Fri Apr 21 03:05 - 03:05 (00:00) reboot system boot 2.6.8-3-686 Fri Apr 21 02:44 (14:46) I can't figure out how they do that... I'm preaty sure I don't have any keylogger on my PC so I don't know... Any ideas??? Best regards, MvincM
FAKE ALERT !!! Just imagine !!! that Datacenter staff reboot my server, change my root password from console (in single mode) - not saveing the previous one. All these things were made without informing the client (me) !!! I have inform them about server hacking and then they remind to inform me about all this mess... In my opinion something is wrong with customer care in this company... Thanks a lot for your interesting. End of Topic. MvincM
