How to close open backdoors for hackers?

pingo

Well-Known Member
Nov 16, 2002
428
0
166
A resellers client got jail shell and now he says that his client found more than 20 backdoors. He used just nmap and telnet to get the password of all users. - How could he do that? This is a cPanel server and by default telnet is not enabled. I thought that jail shell were more secure. But more important, how do I close these backdoors - what can I do to find these backdors and then close them. I hope that someone knowing about these things will lend a helping hand.

Thanks
John

cPanel.net Support Ticket Number:
 
Last edited:

AlaskanWolf

Well-Known Member
Aug 11, 2001
535
0
316
Fremont CA
ask him if his client can prove it is the first thing u need to do to make sure its a legit claim

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
We found that a user was indeed backdooring. The kernel were recompiled. No, we have not set it to auto update due to many bad experiences with this. The socalled 'stable' version isn't allways stable after a releas and we're usually waiting for 1-2 weeks to let other people have the problems :D

John

cPanel.net Support Ticket Number: