hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : RaQ4 Hacked ... and it was patched!
Reply

Forum Jump

RaQ4 Hacked ... and it was patched!

Reply Post New Thread In Dedicated Server Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 05-01-2001, 03:51 PM
drewnick drewnick is offline
Web Hosting Master
 
Join Date: Dec 2000
Location: Atlanta
Posts: 574
Exclamation

I have religously kept up with my patches on a RaQ4i I have with rackshack and lo and behold, it got hacked. The perpetrator removed /var/log recursively and is now doing port scans. I literally visit Cobalt twice a day to check for patches and have applied all of them. My DNS server was off as well. What can be done to stop the hackers? Cobalt's are obviously wide open, even when guarded.

Regards,
Drew
www.cobalthost.com



Sponsored Links
  #2  
Old 05-01-2001, 04:30 PM
cabalstudios cabalstudios is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: United Kingdom
Posts: 1,651
Drew, what version of BIND did you have installed?

And what o/s? are the hackers still scanning of your site, the reason i'm asking this is because i have hacked hundred of sites and informed sys admins that they have a security hole in there system, and when you mentioned scanning I know exactly what they are doing.

Drop me a line if you need more help.

__________________
Coreix™ | your solution™ www.coreix.net - 08000226734 - ISO27001 Certified
Dedicated Servers - Colocation - Secure Cages - Enterprise & Managed Solutions - Clustering - LoadBalancing - High Availability - Hosted Exchange 2007
NEW Tier III London DC with power sourced from 100% renewable sources, N+N UPS, N+1 Chillers and CRAC units, Mist Fire Suppression, Biometric and Man Trap security to all data areas


  #3  
Old 05-01-2001, 04:42 PM
drewnick drewnick is offline
Web Hosting Master
 
Join Date: Dec 2000
Location: Atlanta
Posts: 574
Hi, thanks for the follow-up. It is a RaQ4 running Cobalt's Linux.

Cobalt Linux release 6.0 (Shinkansen-Decaf)
Kernel 2.2.16C24_III on an i586

I had the DNS server disabled, as I know of several vulnerabilities for it specifically.

Drew

Sponsored Links
  #4  
Old 05-01-2001, 04:53 PM
cabalstudios cabalstudios is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: United Kingdom
Posts: 1,651
What ftp software were you using?

__________________
Coreix™ | your solution™ www.coreix.net - 08000226734 - ISO27001 Certified
Dedicated Servers - Colocation - Secure Cages - Enterprise & Managed Solutions - Clustering - LoadBalancing - High Availability - Hosted Exchange 2007
NEW Tier III London DC with power sourced from 100% renewable sources, N+N UPS, N+1 Chillers and CRAC units, Mist Fire Suppression, Biometric and Man Trap security to all data areas


  #5  
Old 05-01-2001, 05:44 PM
Mike the newbie Mike the newbie is offline
Web Hosting Master
 
Join Date: Mar 2001
Location: Connecticut, US
Posts: 779
Quote:
Originally posted by drewnick
I have religously kept up with my patches on a RaQ4i I have with rackshack and lo and behold, it got hacked. The perpetrator removed /var/log recursively and is now doing port scans. I literally visit Cobalt twice a day to check for patches and have applied all of them. My DNS server was off as well. What can be done to stop the hackers? Cobalt's are obviously wide open, even when guarded.

Regards,
Drew
www.cobalthost.com
Do you use telnet? or ssh? Do you use POP3? If yes, is the POP3 password different than your admin password?

Take a look at this thread for starters http://www.webhostingtalk.com/showth...&threadid=8539

Reply

Related posts from TheWhir.com
Title Type Date Posted
GCHQ, Not NSA, Behind Belgian Telecom Attack: Report Web Hosting News 2013-09-20 12:16:20
Reports Suggest NSA Behind Attack on Belgium's Largest Telecom Web Hosting News 2013-09-16 10:33:22
Could Website Hackers be Chasing Hosting Customers Away? Blog 2013-08-27 09:07:42
Syrian Electronic Army Targets Top US Media Websites in Outbrain Platform Hack Web Hosting News 2013-08-16 10:46:10
SwaggSec Hackers Release 900 Admin Credentials from China Telecom Attack Web Hosting News 2012-06-04 15:24:03


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?