Strange error, DB renamed by nobody.

Discussion in 'Installation/Configuration' started by biforme, Feb 25, 2016.

  1. biforme

    biforme Member

    Hi
    I have a strange issue, today the name for a mysql db it has been modified from c13_nameofdb to c13c13_nameofdb.
    Nobody has changed the DB name, I guess. Is there a way to see who has made this change or if it is a problem with ISPConfig?
    Mysql is running on localhost.
    Debian Jessie installed following the Perfect server setup.
    P.S.
    Ispconfig is listening on a different port, not the default 8080.

    root@web:~# cat htf
    ##### SERVER #####

    IP-address (as per hostname): ***.***.***.***

    IP-address(es) (as per ifconfig): ***.***.***.***

    [INFO] ISPConfig is installed.



    ##### ISPCONFIG #####

    ISPConfig version is 3.0.5.4p8

    ##### VERSION CHECK #####

    [INFO] php (cli) version is 5.6.17-0+deb8u1

    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.17-0+deb8u1



    ##### PORT CHECK #####



    [WARN] Port 8080 (ISPConfig) seems NOT to be listening

    [WARN] Port 80 (Webserver) seems to be BLOCKED in firewall

    [WARN] Port 993 (IMAP server SSL) seems NOT to be listening

    [WARN] Port 995 (POP3 server SSL) seems NOT to be listening



    ##### MAIL SERVER CHECK #####





    ##### RUNNING SERVER PROCESSES #####



    [INFO] I found the following web server(s):

    Apache 2 (PID 13527)

    [INFO] I found the following mail server(s):

    Postfix (PID 11913)

    [INFO] I found the following pop3 server(s):

    Dovecot (PID 687)

    [INFO] I found the following imap server(s):

    Unknown process (systemd) (PID 1)

    [INFO] I found the following ftp server(s):

    PureFTP (PID 21350)



    ##### LISTENING PORTS #####

    (only ()

    Local (Address)

    [anywhere]:54686 (580/rpc.statd)

    [localhost]:9090 (21708/php-fpm:)

    [localhost]:8998 (5279/php-fpm.conf))

    [localhost]:9191 (25866/php-fpm.conf))

    [localhost]:10024 (1441/amavisd-new)

    [localhost]:6379 (11030/redis-server)

    [anywhere]:587 (11913/master)

    [localhost]:11211 (666/memcached)

    [anywhere]:110 (687/dovecot)

    [anywhere]:143 (1/systemd)

    [anywhere]:111 (521/rpcbind)

    [anywhere]:465 (11913/master)

    [anywhere]:21 (21350/pure-ftpd)

    [anywhere]:22 (662/sshd)

    [anywhere]:25 (11913/master)

    *:*:*:*::*:443 (13527/apache2)

    *:*:*:*::*:47806 (580/rpc.statd)

    *:*:*:*::*:10024 (1441/amavisd-new)

    *:*:*:*::*:3306 (11415/mysqld)

    *:*:*:*::*:587 (11913/master)

    [localhost]10 (687/dovecot)

    [localhost]43 (1/systemd)

    [localhost]11 (521/rpcbind)

    *:*:*:*::*:80 (13527/apache2)

    *:*:*:*::*:8081 (13527/apache2)

    *:*:*:*::*:465 (11913/master)

    *:*:*:*::*:4949 (12771/perl)

    *:*:*:*::*:21 (21350/pure-ftpd)

    *:*:*:*::*:22 (662/sshd)

    *:*:*:*::*:25 (11913/master)

    ##### IPTABLES #####

    Chain INPUT (policy DROP)

    target prot opt source destination

    fail2ban-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25

    fail2ban-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993

    fail2ban-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21

    fail2ban-default tcp -- [anywhere]/0 [anywhere]/0

    fail2ban-default tcp -- [anywhere]/0 [anywhere]/0

    fail2ban-ssh tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80 STRING match "GET /w00tw00t.at.ISC.SANS." ALGO name bm TO 70

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP all -- ***.***.***.*** [anywhere]/0

    DROP tcp -- [anywhere]/0 ***.***.***.***/8

    ACCEPT all -- [anywhere]/0 [anywhere]/0 state RELATED,ESTABLISHED

    ACCEPT all -- [anywhere]/0 [anywhere]/0

    DROP all -- ***.***.***.***/4 [anywhere]/0

    PUB_IN all -- [anywhere]/0 [anywhere]/0

    PUB_IN all -- [anywhere]/0 [anywhere]/0

    PUB_IN all -- [anywhere]/0 [anywhere]/0

    PUB_IN all -- [anywhere]/0 [anywhere]/0

    PUB_IN all -- [anywhere]/0 [anywhere]/0

    DROP all -- [anywhere]/0 [anywhere]/0

    w00t tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80



    Chain FORWARD (policy DROP)

    target prot opt source destination

    ACCEPT all -- [anywhere]/0 [anywhere]/0 state RELATED,ESTABLISHED

    DROP all -- [anywhere]/0 [anywhere]/0



    Chain OUTPUT (policy ACCEPT)

    target prot opt source destination

    PUB_OUT all -- [anywhere]/0 [anywhere]/0

    PUB_OUT all -- [anywhere]/0 [anywhere]/0

    PUB_OUT all -- [anywhere]/0 [anywhere]/0

    PUB_OUT all -- [anywhere]/0 [anywhere]/0

    PUB_OUT all -- [anywhere]/0 [anywhere]/0



    Chain INT_IN (0 references)

    target prot opt source destination

    ACCEPT icmp -- [anywhere]/0 [anywhere]/0

    DROP all -- [anywhere]/0 [anywhere]/0



    Chain INT_OUT (0 references)

    target prot opt source destination

    ACCEPT icmp -- [anywhere]/0 [anywhere]/0

    ACCEPT all -- [anywhere]/0 [anywhere]/0



    Chain PAROLE (9 references)

    target prot opt source destination

    ACCEPT all -- [anywhere]/0 [anywhere]/0



    Chain PUB_IN (5 references)

    target prot opt source destination

    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3

    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 0

    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11

    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:20

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:21

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:443

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:990

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:3306

    PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:4949

    ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:3306

    DROP icmp -- [anywhere]/0 [anywhere]/0

    DROP all -- [anywhere]/0 [anywhere]/0



    Chain PUB_OUT (5 references)

    target prot opt source destination

    ACCEPT all -- [anywhere]/0 [anywhere]/0



    Chain fail2ban-default (2 references)

    target prot opt source destination

    RETURN all -- [anywhere]/0 [anywhere]/0

    RETURN all -- [anywhere]/0 [anywhere]/0



    Chain fail2ban-dovecot-pop3imap (1 references)

    target prot opt source destination

    RETURN all -- [anywhere]/0 [anywhere]/0



    Chain fail2ban-postfix-sasl (1 references)

    target prot opt source destination

    RETURN all -- [anywhere]/0 [anywhere]/0



    Chain fail2ban-pureftpd (1 references)

    target prot opt source destination

    RETURN all -- [anywhere]/0 [anywhere]/0



    Chain fail2ban-ssh (1 references)

    target prot opt source destination

    RETURN all -- [anywhere]/0 [anywhere]/0



    Chain w00t (1 references)

    target prot opt source destination

    tcp -- [anywhere]/0 [anywhere]/0 recent: SET name: DEFAULT side: source mask: ***.***.***.*** tcp flags:0x17/0x02

    tcp -- [anywhere]/0 [anywhere]/0 recent: UPDATE name: DEFAULT side: source mask: ***.***.***.*** tcp flags:0x1A/0x10
     
  2. biforme

    biforme Member

    Sorry, was a problem with a config file.
    Ispconfig had no faults.
     

Share This Page