ProFTPD security

[jasonk]

I'm having a dillema with my proftpd. After a smooth upgrade to 1.3.1rc2 from some older version this kid still manages to insert code into my index files. Apparently he needs write permission for his script to work. From what I can tell he can get admin access and work with all my domains. I'm using directadmin. Anyone knows of any patches or maybe some trick to stop this? Proftpd is stoped for now.
Any help is much appreciated Thanx

 

[nobaloney]

It's quite unlikely that this is a problem with ProFTPD. It's much more likely you've got a script somewhere on at least one of your sites that's been compromised. Or that someone else on the server does.

Do you own the server? If so, then find the script. If not, then once you make sure it's not a script running on your own site(s) you need to notify your hosting company.

Does your server run the DirectAdmin control panel? If not, then you're on the wrong forum.

Jeff

 

[jasonk]

I'm using directadmin.

Proftpd is closed for now. I do have some traffic counter scripts but i cant see anything else in my logs besides proftpd session opened. Anyhow I'm not the only one with no ftp...this should be for a reason.

 

[nobaloney]

How do your clients upload their sites without FTP?

Anyhow I'm not the only one with no ftp...this should be for a reason.

I don't have any idea what you mean.

Years ago there were real issues with anonymous FTP, and as I recall ProFTPd was the first FTP daemon to solve that issue. Now not even Microsoft has that problem.

Jeff