The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trojans Detected

Discussion in 'General Discussion' started by scrotaye2, Apr 17, 2006.

  1. scrotaye2

    scrotaye2 Member

    Joined:
    Apr 17, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Hi, I am fairly new to the world of unix, and pretty much rely on cPanel to administrate my server.

    Today, I got this email from cPanel and I'm genuinely worried about it.

    Can someone please inform me what to do, or in which direction to go?

    Edit: I am running FreeBSD 5.3
     
    #1 scrotaye2, Apr 17, 2006
    Last edited: Apr 17, 2006
  2. jackie46

    jackie46 BANNED

    Joined:
    Jul 25, 2005
    Messages:
    537
    Likes Received:
    0
    Trophy Points:
    0
    Seems like your box has been rooted. Im surprised because out of the box Freebsd is far more secure than Unix is.
     
  3. scrotaye2

    scrotaye2 Member

    Joined:
    Apr 17, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    What does rooted mean?

    I have googled, and so far I've came up with the command chkroot but it's not a valid command (I guess for FBSD)
     
  4. jackie46

    jackie46 BANNED

    Joined:
    Jul 25, 2005
    Messages:
    537
    Likes Received:
    0
    Trophy Points:
    0
    It means your box has been hacked.
     
  5. scrotaye2

    scrotaye2 Member

    Joined:
    Apr 17, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Alright. Tips/directions on what to do or where to go?
     
  6. jackie46

    jackie46 BANNED

    Joined:
    Jul 25, 2005
    Messages:
    537
    Likes Received:
    0
    Trophy Points:
    0
    Read your private message. I already sent you a tip. Click on PRIVATE MESSAGE to read it.
     
  7. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,125
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    New York
    If you do a "ps ax" or check the server do you see those tasks running ?. I've seen alot of these trojan checkers come up withj false positives on Freebsd machines.

    If you have console control and are familiar with the O/S check the dates on those binaries.
     
  8. scrotaye2

    scrotaye2 Member

    Joined:
    Apr 17, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Hi, I am not familiar enough with FreeBSD to do that. However I looked in the 'currently running processes' in cPanel, and these processes are running. Is the best thing to do just start over, cleaning the box and reinstalling the os?
     
  9. scrotaye2

    scrotaye2 Member

    Joined:
    Apr 17, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I contacted the guys that house my server, and they said tihs:

    Does this make sense?
     
    #9 scrotaye2, Apr 17, 2006
    Last edited: Apr 17, 2006
Loading...

Share This Page