spam from an insecure phpnuke

mahdionline

Well-Known Member
Oct 18, 2003
127
0
166
Hi
one of our server faced with a strange probelm. some day ago i receive a email from [email protected] that say :

A spammer use one of customer site to send spam. they say the spammer use an insecure phpnuke to his work.

but we have about 200 phpnuke on our server ! ! now how can i discover that which account sent spams ?


Best Regard
 
Last edited:

haze

Well-Known Member
Dec 21, 2001
1,548
3
318
Hire a capable system admin ? If the scripts were installed by cpanel's script installer, use the addon module available to update all phpnuke installs, thats a first step. Do some research. Find out what known vulnerabilities there are in what versions of phpnuke that could cause such a thing to happen. Lock down your system, scan your logs, scan all the phpnuke installs for version numbers and ensure they're up to date, contact your clients and inform them to update or face suspension. If you don't suspend them for not updating, i'm sure ev1 will just pull the plug on your server so you might as well get a move on!
 

Curious Too

Well-Known Member
Aug 31, 2001
431
1
318
cPanel Access Level
Root Administrator
mahdionline said:
Hi
one of our server faced with a strange probelm. some day ago i receive a email from [email protected] that say :

A spammer use one of customer site to send spam. they say the spammer use an insecure phpnuke to his work.

but we have about 200 phpnuke on our server ! ! now how can i discover that which account sent spams ?


Best Regard

The newer versions of Nuke include a Webmail module that any registered nuke user can use to send spam. I had a couple of servers get hit by spammers this way.