The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security question

Discussion in 'Security' started by xphost, Mar 11, 2004.

  1. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    its normal that i found?

    one user buy most chip hosting-account - upload by ftp 2 files and start it ./filename

    ssh can use only root

    how i can prevent it
     
  2. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    now i terninate this account with processes, but i save this files
     
  3. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    file second
     

    Attached Files:

  4. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    if it help

    server RH9, Cpanel last stable, APF

    for clients
    shell - off

    cron - on

    ---------------------------------

    ba_node was run when i check server
     
  5. ddeans

    ddeans Well-Known Member

    Joined:
    Feb 13, 2004
    Messages:
    296
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Maryland
    How can you prevent what? I am not real sure what you are asking. I am not sure anyone knows.
     
  6. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I think this is what he means : how can I prevent bad people from signing up for a cheap account and then uploading malicious files through ftp ?
     
  7. ddeans

    ddeans Well-Known Member

    Joined:
    Feb 13, 2004
    Messages:
    296
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Maryland
    Ohh, there are plenty of how to's on this. Search the forum!
     
  8. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    how i can prevent users from run files
     
  9. ddeans

    ddeans Well-Known Member

    Joined:
    Feb 13, 2004
    Messages:
    296
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Maryland
    Do you give your users shell access? If so then remove it from them.
     
  10. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    no of course

    my users do not have any shell access (ssh, telnet, jail) all disabled
     
  11. ddeans

    ddeans Well-Known Member

    Joined:
    Feb 13, 2004
    Messages:
    296
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Maryland
    Then what is it that they are running? and how are they running it?
     
  12. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    i can view it programs in process list

    how they start it i dont know
     
  13. ddeans

    ddeans Well-Known Member

    Joined:
    Feb 13, 2004
    Messages:
    296
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Maryland
    What programs? Paste it here.
     
  14. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    check my post with ba_node.txt only this program work without extension .txt
     
  15. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    Are you running PHP with safe_mode off or on?

    If you have safe_mode off then people can run those scripts using exec, system etc. through PHP

    www.php.net/function.exec

    Another way is through Perl.
     
  16. erwinfa

    erwinfa Well-Known Member

    Joined:
    Jun 14, 2003
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    0
    Have you try to make secure your /tmp dir ?
     
  17. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    yes, and kernel one of last version
     
  18. BrightAdmin

    BrightAdmin Well-Known Member

    Joined:
    Feb 29, 2004
    Messages:
    204
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    Try to make SSH more secure.
    Make entry in /etc/ssh/sshd_config

    PermitRootLogin no

    This will deny root login to ssh.

    Regards,

    Bright:eek:
     
  19. xphost

    xphost Well-Known Member

    Joined:
    Nov 12, 2003
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    6
    iam mistake

    PHP run without safe mode

    but in PHP disabled "exec" and "system" function
     
  20. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    Don't forget passthru
     
Loading...

Share This Page