Hi guys, after a long time my vps was chacked today, andd i dont know how
i received this emails on my admin mails
Time: Fri May 30 22:19:41 2014 -0300
Reported Modifications:
New account [rs] has been created with uid:[546] gid:[557] login:[/home/rs] shell:[/usr/local/cpanel/bin/noshell]
Time: Fri May 30 21:50:38 2014 -0300
Reported Modifications:
New account [wh] has been created with uid:[545] gid:[556] login:[/home/wh] shell:[/usr/local/cpanel/bin/noshell]
Time: Fri May 30 21:54:38 2014 -0300
Reported Modifications:
Account [wh] login shell has changed from [/usr/local/cpanel/bin/noshell] to [/bin/bash]
Time: Fri May 30 22:25:41 2014 -0300
Reported Modifications:
New account [whm] has been created with uid:[547] gid:[558] login:[/home/whm] shell:[/usr/local/cpanel/bin/noshell]
Any one can help to understand what this changes do?
After see this i power down the vps!
How can i revert this changes ???
Can cpanel crew get acess to the server and helps me???
thanks
i received this emails on my admin mails
Time: Fri May 30 22:19:41 2014 -0300
Reported Modifications:
New account [rs] has been created with uid:[546] gid:[557] login:[/home/rs] shell:[/usr/local/cpanel/bin/noshell]
Time: Fri May 30 21:50:38 2014 -0300
Reported Modifications:
New account [wh] has been created with uid:[545] gid:[556] login:[/home/wh] shell:[/usr/local/cpanel/bin/noshell]
Time: Fri May 30 21:54:38 2014 -0300
Reported Modifications:
Account [wh] login shell has changed from [/usr/local/cpanel/bin/noshell] to [/bin/bash]
Time: Fri May 30 22:25:41 2014 -0300
Reported Modifications:
New account [whm] has been created with uid:[547] gid:[558] login:[/home/whm] shell:[/usr/local/cpanel/bin/noshell]
Any one can help to understand what this changes do?
After see this i power down the vps!
How can i revert this changes ???
Can cpanel crew get acess to the server and helps me???
thanks