Results 1 to 5 of 5
  1. #1
    Join Date
    Nov 2011
    Location
    Harrisburg, PA
    Posts
    2,073

    CSF / LSD - false SSH login reports

    For the past few weeks we've been getting alerts that one of our cPanel users has been logging into the server via SSH under their cPanel account name. We have client SSH logins disabled across the board, and just to be safe, I confirmed with our test account that regular users can't log in. He doesn't show up in last, his .bash_history is empty (I realize that can be easily cleared), and I don't see any other signs of him actually logging in.

    It appears to be a false alarm.

    Has anyone else experienced this? Before I bug the CSF team, I wanted to check in here to see if this was a common or known problem.

  2. #2
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,953
    Has he been logging in using SFTP?
    Having problems, or maybe questions about WHT? Head over to the help desk!

  3. #3
    Join Date
    Apr 2011
    Location
    Core Files
    Posts
    7,795
    Quote Originally Posted by bear View Post
    Has he been logging in using SFTP?

    CSF does show sftp logins.

  4. #4
    Join Date
    Nov 2011
    Location
    Harrisburg, PA
    Posts
    2,073
    Quote Originally Posted by bear View Post
    Has he been logging in using SFTP?
    Soooo, let's just pretend I never posted this thread. Can't believe I didn't think of that.

    Thank you.

  5. #5
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,953
    What thread?
    Having problems, or maybe questions about WHT? Head over to the help desk!

Similar Threads

  1. csf reports Excessive processes running under user
    By gate2vn in forum Hosting Security and Technology
    Replies: 2
    Last Post: 06-25-2011, 02:54 AM
  2. many CSF reports tom my mail with this error
    By moheballah in forum Hosting Security and Technology
    Replies: 4
    Last Post: 03-30-2010, 10:17 PM
  3. APF & BFD or CSF & LSD
    By praveenkv1988 in forum Hosting Security and Technology
    Replies: 16
    Last Post: 04-21-2009, 10:19 AM
  4. WebHostingStuff.com -- False reports??
    By RobertMaltby in forum Running a Web Hosting Business
    Replies: 12
    Last Post: 09-13-2007, 02:00 PM
  5. Spam/Blacklisting/False Reports
    By LP-Trel in forum Running a Web Hosting Business
    Replies: 1
    Last Post: 06-28-2004, 02:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •