root access from ssh in cpanel

Inside an end-user's cpanel?
Impossible.

Unless you give them access to the wheel group which would be suicidal IMHO- but it's your server.
For details on that see the &wheel group& option in the left pane of your WHManager.


good luck.

 

Hey Nick, this sounds almost like a feature request, not to have root access from the Customer Cpanel, but include a Java SSH Client to the WHM so people can SSH in from remote locations easily.

 

Hmmm, you want something like MindTerm (free)
http://www.appgate.com/ag.asp?template=products&level1=product_mindterm

I asked a friend of mine to check if it's safe to use but he said it was NOT safe because he got it hacked within 5 minutes or so.

His hacking skills are very high (he's top notch and many companies, BIG companies ask for his advice) like he got ROOT acces easily from all those LIVE SUPPORT SYSTEMS while chatting with them. He asks for live support and while initiating the chat he enters, so know you all know such a system is NOT safe either ;-)

Only a few people have such high hacking skills and he says nothing is safe. Does this mean not to install anything the? No offcourse not but just be carefull and think twice about security. I know many people (webhosters) don't think about it at all.

Guess who is securing my servers.
Domenico

 

Uhh, do you trust your friend not to BS you. Alot of people are just &wanabe hackers& and basically just talk crap. Not saying your friend isnt a &hacker& and all but some people just talk BS.

 

[quote:e64e5b48b4][i:e64e5b48b4]Originally posted by Domenico[/i:e64e5b48b4]

Hmmm, you want something like MindTerm (free)
http://www.appgate.com/ag.asp?template=products&level1=product_mindterm

I asked a friend of mine to check if it's safe to use but he said it was NOT safe because he got it hacked within 5 minutes or so.

His hacking skills are very high (he's top notch and many companies, BIG companies ask for his advice) like he got ROOT acces easily from all those LIVE SUPPORT SYSTEMS while chatting with them. He asks for live support and while initiating the chat he enters, so know you all know such a system is NOT safe either ;-)

Only a few people have such high hacking skills and he says nothing is safe. Does this mean not to install anything the? No offcourse not but just be carefull and think twice about security. I know many people (webhosters) don't think about it at all.

Guess who is securing my servers.
Domenico
[/quote:e64e5b48b4]

this is interesting .. lately I get a few clicks on my Live Person chat from my site and the visitor doesn't say a word and then just leaves. Are they grabbing my IP and then sniffing my traffic?

 

live Helper applications do not contain your IP Address on the web site...

Generally how it works is:

The client clicks a web site icon to bring up live helper, that page calls the live helper server and passes your ID to it, then the server contacts your application and communicates between the 2 accordingly...

Since live helper uses Javascript to control the conversation, and no actual programming, your IP is not actually there.

 

Believe me guys, this hack (live helper and others) is genuine.

Do I trust him?
Well, I know him for more then ten years and he has discovered holes through the years that were posted on bugtraq and others a year later. This guy is one of the best! It's black hat turned white...

This guy (and the others I know too) is for real and yes I do trust him. And what do you think you could do when you didn't? He can jump though the apache setup screen and gain root access while you are at not watching and that's the most easy thing he can do ;-)

Well, you can read all about the livehelper trick within a year or so... my advice, DON'T USE IT! I know only one person at the moment that can do this. Some of you that know a lot about security and have more than average knowledge can tell that it is possible.

Anyways, I wanted SSH through cPanel also but after what he showed me I'd better and will not.

You don't have to believe me offcourse but if I where you I should.
Oh, I forgot to tell you about the other holes in the system ;-)

Domenico