Cpanel hacked last week, want some credit

[strongbow]

Originally posted by twhiting9275
(the only way to do this is to unplug the eth0 cord),

shutdown -h now

is an even better way

[emeric21]

Originally posted by twhiting9275
As someone else said:
It's YOUR responsibility to administrate your server, NOT the responsibility of CPanel or any other control panel, or server "tool". YES, CPanel makes your life easier as an admin, however it does NOT and WILL NOT do the job for you.

That's right,
I admin my own servers for hosting since 1999...
But when i make my upgrape from cpanel last friday, 10 minutes later my server was hacked and that is not my fault.
The kacker use cpanel hole to hack my server.

Cpanel can say in these terms which it is not responsible but all the
servers which were hacked (even at large companies) show their responsibility.

It is as if you changes the engine of your car and you go on the
road and that explodes. You does what?

[twhiting9275]

Cpanel aint a car, and this aint a highway, pretty simple there.

10 minutes later my server was hacked and that is not my fault.

And this is Cpanel's fault HOW? C'mon now. Had you provided the basic security essentials, you wouldn't find your server being hacked.

Better yet, you KNOW that the server was hacked 10 minutes later HOW? Seems quite a bit fishy to me.

Blaming CPanel for your own screwups isn't acceptable. If you properly secure a server, it's going to stand less chance of getting hacked. If you keep up2date with all of the software updates, update your kernel, keep your configs up and running, secure your /tmp directory, don't allow logins, keep your passwords secured and up 2 date, then you'll have few (if any) problems.

It's not CPanel's fault that your server got hacked, it's your own, for not ensuring that your server was not secured. Quit trying to blame someone else for your poor judgement.

[stboch2]

Where have you been if you only have had to update 3 patches... there has been like 10 vulnerablities. I work for a security agency all we do is scan computers for vulnerablities. What you should do is get smart and block all connections to the server until its patched.

[rpmws]

Originally posted by emeric21
That's right,
I admin my own servers for hosting since 1999...
But when i make my upgrape from cpanel last friday, 10 minutes later my server was hacked and that is not my fault.
The kacker use cpanel hole to hack my server.

Cpanel can say in these terms which it is not responsible but all the
servers which were hacked (even at large companies) show their responsibility.

It is as if you changes the engine of your car and you go on the
road and that explodes. You does what?

I get out, call a wrecker and go find a new car. If it were a hacker that blew up my engine I blame him, not the gas company who just happens to use the same hole to fill the tank. Good idea might be to lock your doors and a better idea would be to watch things 24/7 so your car doesn't blow up. If it keeps hapening ..just leave it in the driveway and take off the wheels and weld the doors shut so it can't be stolen or hurt anyone else.

[glassjos]

Hi Emeric,

I'm sorry to hear you had to reinstall your systems, this is very frustrating. I know this thread almost 2 weeks old, but I'd like to recommend a couple good security practices that might help prevent this in the future for you.

First, subscribe to the Bugtraq mailing list at http://www.securityfocus.com/. The hacker group that discovered the most recent vulnerabilities posted the vulnerabilities to this mailing list first thing. They probably did this for recognition, rather than contacting CPanel directly like they should have to give them time to fix the vulnerability.

When we (Liquid Web) caught wind of the first vulnerability on this mailing list, we patched over 500 systems in less than two hours. The second set of vulnerabilities that were discovered the next day were not able to be simply patched, so we firewalled the infected services and notified our customers. Once CPanel released the final fix (which was quite timely), we again patched our systems in a matter of hours. So, if services are vulnerable that just can't be patched for whatever reason, you can utilize a firewall or disable the services temporarily to secure your systems.

You should also set up some sort of system to monitor software versions on your machines to make sure they are the latest non-vulnerable version. There is a lot of software out there that can do this.

There are countless other things you can do to help secure your systems, but I'd recommend these things at the very least. It's nearly impossible for software to be 100% secure. Good luck to you in the future though!

Originally posted by emeric21
Last week end my server was hacked 2 times because of cpanel hole or bug after upgreade from stable version.

I want some credit from cpanel because we work hard to re-install os and cpanel 2 times.

I think that all host's that have this problem last week have right to some compensation because we pay rather expensive annually for their license.

Thanks

Emeric
NationalHost