Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

127.0.0.1 cpanel_service keeps connecting to pure-ftpd

Discussion in 'Security' started by Drake, Feb 21, 2010.

  1. Drake

    Drake Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    306
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Hi All,

    We've been watching log files like a hawk, because we just got rid of a Dark Mail cgi issue that was caused by a customer's office PC being infected, probably with a keylogger trojan.

    Not seeing any more of the numerous customer user-name login, upload, delete, logout stuff anymore.


    But, I'm seeing localhost connecting to and disconnecting from pure-ftpd every few minutes or so.

    Can any CPanel Guru tell me what I'm seeing here?? I'd like to know if this is a security issue or not or from chkservd service monitor.

    Here's a sample [INFO] from /var/log/messages:

    Feb 21 06:13:59 server05 pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1

    Feb 21 06:14:10 server05 pure-ftpd: (?@127.0.0.1) [INFO] __cpanel__service__auth__ftpd__597SyxVkJFdyV3dd2OK822c5mMLRsV3CCpJ_4q0
    wsdozSkyaDDIHm5bhcwZKEhKt is now logged in

    Feb 21 06:14:11 server05 pure-ftpd: (__cpanel__service__auth__ftpd__597SyxVkJFdyV3dd2OK822c5mMLRsV3CCpJ_4q0wsdozSkyaDDIHm5bhcwZ
    KEhKt@127.0.0.1) [INFO] Logout.


    Thanks much,
    ~Drake
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Drake, Feb 21, 2010
    Last edited: Feb 21, 2010
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,163
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice