Fresh RedHat7.3 w/DA - ROOTED

thehostworks

Verified User
Joined
May 30, 2003
Messages
25
Rooted indeed.

Seems to be a SSL issue, I am not sure if DA installs its own, but im sure it doesnt update it :)

Lucky for me it was just a beta box, and nothing was compromised...

FORMAT and reinstall!....

Just wanted to let people know. Maybe we can have a fix, or a method to fix such attacks..?
 
Hello,

Our customapache script has been available for some time now:
http://www.directadmin.com/forum/showthread.php?s=&threadid=104

It will plug up the mod_ssl security hole.

Also, our installguide now insists that you run the customapache script:
http://www.directadmin.com/installguide.html

There are a few good threads for keeping your server secure:

http://www.directadmin.com/forum/showthread.php?s=&threadid=189

the big ones it points to are:

OpenSSL: http://www.directadmin.com/forum/showthread.php?s=&threadid=163
OpenSSH: http://www.directadmin.com/forum/showthread.php?s=&threadid=166

John
 
Yep, we had a machine rooted as well, not as lucky, was a customers box. It has now been rebuilt, but what a nightmare.. happened over 4th of July weekend of course!

We have since updated all of our machines, but had no idea of the holes, our fault for not keeping an eye on things, but I still think DA may want to send out a mass email to all its customers letting them know.. its never fun to find out someone is using your machine to issue DDoS attacks.. :mad:
 
We just sent out a mass e-mail to inform everyone else of this upgrade. Hopefully this will help things.

It also becomes an issue of who is responsible for their own security. Control panels are meant to configure services, not secure systems. However, when problems occur, it is usually the control panel maker who receives the most blame.

Therefore, we'll try to keep a security page maintained to the best of our ability. But keep in mind that your server is ultimately your responsibility. :)

Mark
 
Back
Top