spam from an insecure phpnuke

[mahdionline]

Hi
one of our server faced with a strange probelm. some day ago i receive a email from [email protected] that say :

A spammer use one of customer site to send spam. they say the spammer use an insecure phpnuke to his work.

but we have about 200 phpnuke on our server ! ! now how can i discover that which account sent spams ?


Best Regard

 

[haze]

Hire a capable system admin ? If the scripts were installed by cpanel's script installer, use the addon module available to update all phpnuke installs, thats a first step. Do some research. Find out what known vulnerabilities there are in what versions of phpnuke that could cause such a thing to happen. Lock down your system, scan your logs, scan all the phpnuke installs for version numbers and ensure they're up to date, contact your clients and inform them to update or face suspension. If you don't suspend them for not updating, i'm sure ev1 will just pull the plug on your server so you might as well get a move on!

 

[Curious Too]

Hi
one of our server faced with a strange probelm. some day ago i receive a email from [email protected] that say :

A spammer use one of customer site to send spam. they say the spammer use an insecure phpnuke to his work.

but we have about 200 phpnuke on our server ! ! now how can i discover that which account sent spams ?


Best Regard

The newer versions of Nuke include a Webmail module that any registered nuke user can use to send spam. I had a couple of servers get hit by spammers this way.

 

[magin]

i found a lot of spam also in my server, i checked one mail on the queue and found the webmail footer on it, result upgrade your nuke or not use at all cause is insecure i been trough a lot of problems with nukes intallations