Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Backdoor - Help yourself

Discussion in 'Security' started by Not_Impressed, Mar 16, 2012.

  1. Not_Impressed

    Not_Impressed Registered

    Joined:
    Mar 16, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Can you tell me is it common practice for one of your technical specialists when given root access to a server to leave a shell key in place?
     
    #1 Not_Impressed, Mar 16, 2012
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,571
    Likes Received:
    439
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Greetings, I would think the proper answer to your question would be, of course not.

    Do you have a ticket open right now or had one recently that you can provide me the ticket ID for please?

    If that ticket is closed, please feel free to reply to it to reopen. Or, open a new one. If you suspect that your server has been compromised you might want to seek professional assistance for a second opinion. You can find some of those, here:
    Sys Admin Services « Application Catalog
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Infopro, Mar 16, 2012
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Actually, since we aren't always certain when a ticket might be resolved, we might well leave a public key in place in WHM's Manage Root's SSH Keys. It is not going to be intentional that the key was left but simply a factor that we don't know (unless you tell us and ask us to remove the key) that it has been fixed and we no longer need to access the machine for that issue.

    You are always welcome to remove the key or deauthorize it after the ticket has been resolved. After all, you know best when the issue is fixed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 cPanelTristan, Mar 21, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Backdoor Help yourself
  1. DennisMidjord

    Backdoors on customers' websites

    DennisMidjord, Sep 1, 2017, in forum: Security
    Replies:
    4
    Views:
    587
    cPanelMichael
    Sep 1, 2017
  2. Sametto Chan

    Possible, block a backdoor apache IP?

    Sametto Chan, Feb 26, 2017, in forum: Security
    Replies:
    4
    Views:
    520
    Sametto Chan
    Feb 28, 2017
  3. WebHostPro

    Need help with using a dedicated IP to send email

    WebHostPro, Nov 8, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    118
    cPanelLauren
    Nov 12, 2018
  4. Zuriel

    Need DDoS investigating help or high CPU cycle help

    Zuriel, Nov 6, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    100
    cPanelLauren
    Nov 6, 2018
  5. subtopic

    OWASP mod_security to help /tmp execution

    subtopic, Sep 18, 2018, in forum: Security
    Replies:
    1
    Views:
    125
    cPanelLauren
    Sep 19, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice