Infopro
Well-Known Member
Is this a trick question?
Make it a stronger password. That should solve the problem I would think.
Make it a stronger password. That should solve the problem I would think.
The way you said it, do you mean it keeps getting hacked when you change it, or keeps getting changed constantly?
If so, you're being HACKED. Calm down, it happens.
I would advise connecting to SSH via putty. Run "w", and "netstat -nalp |grep "SHPORTHERE" to see whos connected using SSH.
There may be PHPShells, rootkits etc on your server. I would advise running 'cat /path/of/your/web/logs/* |grep "/x90/' to look for shell code.
Search for running perl scripts 'ps -aux | grep perl'.
I would also login to whm (if you can) and look at wheel group users, as well as viewing any resellers, and double checking no one else has root privileges (if they do, they can reset your root pass).
Also, are you using the root password elsewhere? For anything else at all? Perhaps a billing system .e.g. WHMAutoPilot etc?
If so, you're being HACKED. Calm down, it happens.
I would advise connecting to SSH via putty. Run "w", and "netstat -nalp |grep "SHPORTHERE" to see whos connected using SSH.
There may be PHPShells, rootkits etc on your server. I would advise running 'cat /path/of/your/web/logs/* |grep "/x90/' to look for shell code.
Search for running perl scripts 'ps -aux | grep perl'.
I would also login to whm (if you can) and look at wheel group users, as well as viewing any resellers, and double checking no one else has root privileges (if they do, they can reset your root pass).
Also, are you using the root password elsewhere? For anything else at all? Perhaps a billing system .e.g. WHMAutoPilot etc?
Yo!
1. Use strong passwords (min 16 symbols). Use tools like pwgen.
2. DO NOT connect with root from public locations, and also USE certificates, not login with passwords!
3. Monitor your servers with tools that can verify processes, quotas and user activity (IRC bots, other hacking or exploit tools).
4. Allow only one user to have shell access - root.
5. Learn LINUX, cause you must or you will always be away from the subject and hacked.
6. Hosting is the battlefield in the war of the Internet, and you, as an administrator collect all the bullets from all.
Respekt.
PS: F*** or die, learn Linux or cry
1. Use strong passwords (min 16 symbols). Use tools like pwgen.
2. DO NOT connect with root from public locations, and also USE certificates, not login with passwords!
3. Monitor your servers with tools that can verify processes, quotas and user activity (IRC bots, other hacking or exploit tools).
4. Allow only one user to have shell access - root.
5. Learn LINUX, cause you must or you will always be away from the subject and hacked.
6. Hosting is the battlefield in the war of the Internet, and you, as an administrator collect all the bullets from all.
Respekt.
PS: F*** or die, learn Linux or cry
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| V | SOLVED WHM Root working but SSH Says password invalid | Security | 3 | |
| F | SOLVED FTP won't connect after reset the root password | Security | 5 | |
| C | root password and security policy | Security | 5 | |
| T | Root password is being changed | Security | 4 | |
| C | root password: am I being too picky? | Security | 2 |