ispCP - Board - Support
[SOLVED] Suspicion in ISPCP 1.0.0 RC6? - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)


[SOLVED] Suspicion in ISPCP 1.0.0 RC6? - charam - 10-18-2008 12:38 AM

Hello there,

I work with ISPCP 1.0.0 RC6 and use an 18-character password for this login, consisting of digits, letters and symbols. And nevertheless a hacker was able to gain access to my server.

Question 1: Is there a security hole, and if so, is it being worked on at full speed?

Question 2: If there is no security hole, how can I further secure the admin login area?

Question 3: 1.0.0 RC6 is not a stable version. When can a stable version be expected?


Thanks in advance for your help and answers.

Regards, Paul Pütz


RE: Security hole in ISPCP 1.0.0 RC6? - fabe - 10-18-2008 01:10 AM

Are there logs and such for this?
How did he get access to your server, and what did he have access to?
I don't want to rule out a security hole in ispCP, but many roads lead to Rome
and thus also to your server.

Regards, fabe


RE: Security hole in ISPCP 1.0.0 RC6? - charam - 10-18-2008 01:21 AM

Hello,

Whenever someone logs in via the ISPCP admin login, I automatically get a status message by e-mail. I received this e-mail, stating the IP of the person who accessed the server. That person is a subscriber from Hanoi, Vietnam. He had access to everything that wasn't nailed down. At the moment I cannot detect any changes to the server or any files that were dropped.

I have checked all logs and could not find any entry with this IP.

Regards, Paul



(10-18-2008 01:10 AM)fabe Wrote:  Are there logs and such for this?
How did he get access to your server, and what did he have access to?
I don't want to rule out a security hole in ispCP, but many roads lead to Rome
and thus also to your server.

Regards, fabe



RE: Security hole in ISPCP 1.0.0 RC6? - ZooL - 10-18-2008 02:20 AM

Are you using fail2ban?
Did he get in as admin?
Is your ispcp perhaps not sufficiently secured by the security settings that
you can set in the admin center?

Regards


RE: Security hole in ISPCP 1.0.0 RC6? - charam - 10-18-2008 02:38 AM

Hello there,

I am using fail2ban.
Did he get in as admin? What is meant by that?

Which security settings can I set in the admin area, and where?

Regards, Paul


(10-18-2008 02:20 AM)ZooL Wrote:  Are you using fail2ban?
Did he get in as admin?
Is your ispcp perhaps not sufficiently secured by the security settings that
you can set in the admin center?

Regards



RE: Security hole in ISPCP 1.0.0 RC6? - ZooL - 10-18-2008 03:03 AM

Quote: Did he get in as admin? What is meant by that?
Well, whether he gained access to the admin account...
Quote: Which security settings can I set in the admin area, and where?
Log in as admin and then go to settings on the far right.. there are certain settings there,
I think there was something for brute force among them...

Regards


RE: Security hole in ISPCP 1.0.0 RC6? - charam - 10-18-2008 03:13 AM

Hello there,

Yes, he could change everything; whether he changed anything I cannot determine exactly at the moment..

Yes, these security settings were all OK and switched on.

Here is the log excerpt straight from the server:


58.186.228.179 - - [17/Oct/2008:09:02:53 +0200] "GET / HTTP/1.1" 200 1238 "http://www.myipneighbors.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:54 +0200] "GET /themes/omega_original/css/ispcp.css HTTP/1.1" 200 6211 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:54 +0200] "GET /themes/omega_original/css/ispcp.js HTTP/1.1" 200 1519 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:57 +0200] "GET /themes/omega_original/images/login/login_lock.jpg HTTP/1.1" 200 1336 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:57 +0200] "GET /themes/omega_original/images/login/login_top.jpg HTTP/1.1" 200 6244 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:57 +0200] "GET /themes/omega_original/images/button.jpg HTTP/1.1" 200 333 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:03:12 +0200] "GET / HTTP/1.1" 200 1242 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:03:14 +0200] "GET /favicon.ico HTTP/1.1" 200 1886 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:26 +0200] "POST /index.php HTTP/1.1" 302 127 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:35 +0200] "GET /client/index.php HTTP/1.1" 200 2322 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:38 +0200] "GET /themes/omega_original/images/top/top_left.jpg HTTP/1.1" 200 8654 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/top/menu_separator.jpg HTTP/1.1" 200 652 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/top/top_left_bg.jpg HTTP/1.1" 200 10888 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/icons/general_big.gif HTTP/1.1" 200 1603 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/user_logos/isp_logo.gif HTTP/1.1" 200 53 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/icons/general_a.gif HTTP/1.1" 200 2503 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/top/top_right.jpg HTTP/1.1" 200 4549 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/icons/logout_interface.png HTTP/1.1" 200 1825 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/icons/domains.gif HTTP/1.1" 200 2656 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/content/table_icon_general.png HTTP/1.1" 200 1948 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/icons/email.gif HTTP/1.1" 200 2207 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/content/table_icon_traffic.png HTTP/1.1" 200 1907 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/stats_left.gif HTTP/1.1" 200 434 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/top/top_bg.jpg HTTP/1.1" 200 393 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/icons/ftp.gif HTTP/1.1" 200 2505 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/bars/stats_left.gif HTTP/1.1" 200 309 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/trans.gif HTTP/1.1" 200 43 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/bars/stats_right.gif HTTP/1.1" 200 309 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/stats_right.gif HTTP/1.1" 200 433 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/content/table_icon_diskusage.png HTTP/1.1" 200 1361 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/database.gif HTTP/1.1" 200 2528 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/webtools.gif HTTP/1.1" 200 1638 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/statistics.gif HTTP/1.1" 200 2131 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/support.gif HTTP/1.1" 200 1965 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/menu_top.jpg HTTP/1.1" 200 2815 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/menu_bg.jpg HTTP/1.1" 200 485 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/link_bg.jpg HTTP/1.1" 200 948 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/middle_bg.jpg HTTP/1.1" 200 3292 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/stats_background.gif HTTP/1.1" 200 148 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/bars/stats_background.gif HTTP/1.1" 200 93 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/middle_right.jpg HTTP/1.1" 200 3693 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/database_a.gif HTTP/1.1" 200 2609 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/domains_a.gif HTTP/1.1" 200 2680 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/ftp_a.gif HTTP/1.1" 200 2518 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/webtools_a.gif HTTP/1.1" 200 1666 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/email_a.gif HTTP/1.1" 200 2245 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/statistics_a.gif HTTP/1.1" 200 2138 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/support_a.gif HTTP/1.1" 200 1988 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:06 +0200] "GET /themes/omega_original/images/top/link_hover_bg.jpg HTTP/1.1" 200 954 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:28 +0200] "GET /client/support_system.php HTTP/1.1" 200 2019 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:30 +0200] "GET /themes/omega_original/images/icons/support_big.gif HTTP/1.1" 200 1525 "http://84.200.248.206/client/support_system.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:30 +0200] "GET /themes/omega_original/images/content/table_icon_support.png HTTP/1.1" 200 1673 "http://84.200.248.206/client/support_system.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:30 +0200] "GET /themes/omega_original/images/icons/general.gif HTTP/1.1" 200 2484 "http://84.200.248.206/client/support_system.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:44 +0200] "GET /client/webtools.php HTTP/1.1" 200 2301 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/webmailicon.gif HTTP/1.1" 200 2193 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/awstatsicon.gif HTTP/1.1" 200 1164 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/htaccessicon.gif HTTP/1.1" 200 2215 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/errordocsicon.gif HTTP/1.1" 200 2120 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/content/table_icon_tools.png HTTP/1.1" 200 1385 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/webtools_big.gif HTTP/1.1" 200 1333 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/backupicon.gif HTTP/1.1" 200 2135 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/filemanagericon.gif HTTP/1.1" 200 2005 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:01 +0200] "GET /tools/webmail/ HTTP/1.1" 302 - "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:02 +0200] "GET /tools/webmail/src/login.php HTTP/1.1" 200 2068 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:08 +0200] "GET /tools/webmail/themes/css/omega.css HTTP/1.1" 200 16578 "http://84.200.248.206/tools/webmail/src/login.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:10 +0200] "GET /tools/webmail/skins/omega/bg.jpg HTTP/1.1" 200 25111 "http://84.200.248.206/tools/webmail/themes/css/omega.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:10 +0200] "GET /tools/webmail/skins/omega/header_right_bg.png HTTP/1.1" 200 20967 "http://84.200.248.206/tools/webmail/themes/css/omega.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:11 +0200] "GET /client/manage_sql.php HTTP/1.1" 200 2642 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/database_small.png HTTP/1.1" 200 683 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/db_comit.png HTTP/1.1" 200 843 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/add_user.gif HTTP/1.1" 200 493 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/pma.gif HTTP/1.1" 200 382 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/users.gif HTTP/1.1" 200 1181 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:12 +0200] "GET /themes/omega_original/images/content/table_icon_sql.png HTTP/1.1" 200 1679 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/delete.png HTTP/1.1" 200 778 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:12 +0200] "GET /themes/omega_original/images/icons/database_big.gif HTTP/1.1" 200 1570 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:14 +0200] "GET /themes/omega_original/images/icons/change_password.png HTTP/1.1" 200 924 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:14 +0200] "GET /themes/omega_original/images/content/tableheader.jpg HTTP/1.1" 200 354 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"


Regards, Paul




(10-18-2008 03:03 AM)ZooL Wrote:  
Quote: Did he get in as admin? What is meant by that?
Well, whether he gained access to the admin account...
Quote: Which security settings can I set in the admin area, and where?
Log in as admin and then go to settings on the far right.. there are certain settings there,
I think there was something for brute force among them...

Regards



RE: Security hole in ISPCP 1.0.0 RC6? - joximu - 10-18-2008 07:41 AM

He *only* got into the client area...


RE: Security hole in ISPCP 1.0.0 RC6? - ZooL - 10-18-2008 07:52 AM

Exactly, Joximu...
You can see that from the URL he used...

Regards
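
The check described in the two posts above, reading the reached privilege level off the URLs in the access log, written out as an added example (not code from the thread or from ispCP). The first four sample lines are taken from the excerpt posted in the thread; the last line and the `/admin/` and `/reseller/` prefixes are assumptions made for contrast.

```python
import re
from collections import defaultdict

# Apache "combined" log line, the format of the excerpt posted in the thread.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Assumption: each privilege level lives under its own URL prefix. Only
# /client/ appears in the thread; /admin/ and /reseller/ are assumed here.
AREAS = ("admin", "reseller", "client")  # highest privilege first


def area_of(path):
    """Return the panel area a request path belongs to, or None."""
    for name in AREAS:
        if path.startswith("/" + name + "/"):
            return name
    return None


def summarize(lines):
    """Per client IP: login POSTs seen and panel pages served with HTTP 200."""
    report = defaultdict(lambda: {"login_posts": [], "pages": defaultdict(list)})
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:
            continue  # not a combined-format line, skip it
        path = m["path"].split("?", 1)[0]
        status = int(m["status"])
        entry = report[m["ip"]]
        # Login form submission: the excerpt shows POST /index.php -> 302.
        if m["method"] == "POST" and path in ("/", "/index.php"):
            entry["login_posts"].append((m["ts"], status))
        # Count only pages actually served, not images or redirects.
        area = area_of(path)
        if area and status == 200 and path.endswith(".php"):
            entry["pages"][area].append(path)
    return report


def highest_area(entry):
    """Most privileged area from which this IP was served a page."""
    for name in AREAS:
        if entry["pages"].get(name):
            return name
    return None


UA = ('"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) '
      'Gecko/2008070208 Firefox/3.0.1"')
SAMPLE = [
    # Lines from the excerpt in the thread.
    '58.186.228.179 - - [17/Oct/2008:09:04:26 +0200] "POST /index.php HTTP/1.1" '
    '302 127 "http://84.200.248.206/" ' + UA,
    '58.186.228.179 - - [17/Oct/2008:09:04:35 +0200] "GET /client/index.php HTTP/1.1" '
    '200 2322 "http://84.200.248.206/" ' + UA,
    '58.186.228.179 - - [17/Oct/2008:09:05:28 +0200] "GET /client/support_system.php HTTP/1.1" '
    '200 2019 "http://84.200.248.206/client/index.php" ' + UA,
    '58.186.228.179 - - [17/Oct/2008:09:06:11 +0200] "GET /client/manage_sql.php HTTP/1.1" '
    '200 2642 "http://84.200.248.206/client/webtools.php" ' + UA,
    # Constructed line (documentation address) showing an admin-area hit.
    '192.0.2.10 - - [17/Oct/2008:10:00:00 +0200] "GET /admin/index.php HTTP/1.1" '
    '200 2100 "-" "-"',
]

if __name__ == "__main__":
    for ip, entry in summarize(SAMPLE).items():
        print(ip, entry["login_posts"], highest_area(entry), dict(entry["pages"]))
```
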


RE: Security hole in ISPCP 1.0.0 RC6? - charam - 10-18-2008 01:50 PM

Hello there,

"Whoever can open the door can also open the windows" (Zarathustra)

Can the client area be given additional protection, e.g. with PHP Access, and if so, which files do I need to protect, or what are they called, or where is the folder into which I would have to upload the access files?

Regards, Paul

(10-18-2008 07:52 AM)ZooL Wrote:  Exactly, Joximu...
You can see that from the URL he used...

Regards