Current time: 11-29-2024, 07:06 PM Hello There, Guest! (LoginRegister)


Thread Closed 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[ERLEDIGT]Vermutung im ISPCP 1.0.0 RC6 ?
Author Message
charam Offline
Newbie
*

Posts: 6
Joined: Oct 2008
Reputation: -1
Post: #1
[ERLEDIGT]Vermutung im ISPCP 1.0.0 RC6 ?
Hallöchen,

Ich arbeite mit ISPCP 1.0.0 RC6 und verwende für diesen Zugang ein 18 stelliges Passwort das aus Zahlen - Buchstaben und Zeichen besteht. Und trotzdem konnte sich ein Hacker auf meinem Server Zugang verschaffen.

Frage1: Besteht ein Sicherheitsleck und wenn ja, wird daran mit Hochdruck gearbeitet?

Frage2: Wenn kein Sicherheitsleck besteht, wie kann ich den Adminlogginbereich noch einmal absichern?

Frage3: 1.0.0 RC6 ist eine nicht Stable Version. Wann kann mit einer Stable Version gerechnet werden?


Vielen Dank schon einmal für Eure Hilfe und Antworten.

Gruss Paul Pütz
(This post was last modified: 10-19-2008 08:18 PM by ZooL.)
10-18-2008 12:38 AM
Find all posts by this user
fabe Offline
Junior Member
*

Posts: 43
Joined: Jan 2008
Reputation: 0
Post: #2
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
gibts logs und so dazu?
wie hat er sich zugriff auf deinen server verschafft und worauf hatte er zugriff?
ich will keine sicherheitslücke im ispCP ausschließen, aber viele wege führen nach rom
und somit auch auf deinen server.

mfg fabe
10-18-2008 01:10 AM
Find all posts by this user
charam Offline
Newbie
*

Posts: 6
Joined: Oct 2008
Reputation: -1
Post: #3
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
Hallo,

wenn sich jemand einloggt über den Adminzugang des ISPCP bekomme ich automatisch eine Statusmeldung per Email. Diese Email habe ich bekommen mit angabe der IP desjenigen der auf den Server zugegriffen hat. Dieser jenige ist ein Teilnehmer aus Han Noi - Vietnam. Zugriff hatte er auf alles was nicht Niet und Nagelfest war. Veränderungen am Server oder abgelegte Dateien kann ich derzeit nicht feststellen.

Alle Logs habe ich kontrolliert und konnte keinen Eintrag mit dieser IP feststellen.

Gruss Paul



(10-18-2008 01:10 AM)fabe Wrote:  gibts logs und so dazu?
wie hat er sich zugriff auf deinen server verschafft und worauf hatte er zugriff?
ich will keine sicherheitslücke im ispCP ausschließen, aber viele wege führen nach rom
und somit auch auf deinen server.

mfg fabe
10-18-2008 01:21 AM
Find all posts by this user
ZooL Offline
Moderator
*****
Moderators

Posts: 3,429
Joined: Jan 2007
Reputation: 79
Post: #4
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
setzt du fail2ban ein ?
ist er als admin rauf ?
ist dein ispcp vieleicht nicht durch die sicherheits einstellungen ausreichend gesichert die
du im admin center festlegen kannst ?

mfg
10-18-2008 02:20 AM
Visit this user's website Find all posts by this user
charam Offline
Newbie
*

Posts: 6
Joined: Oct 2008
Reputation: -1
Post: #5
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
Hallöchen,

ich setze feil2ban ein.
Ist er als admin rauf? was ist damit gemeint?

Welche Sicherheitseinstellungen kann ich im Admin festlegen bzw. wo?

Gruss paul


(10-18-2008 02:20 AM)ZooL Wrote:  setzt du fail2ban ein ?
ist er als admin rauf ?
ist dein ispcp vieleicht nicht durch die sicherheits einstellungen ausreichend gesichert die
du im admin center festlegen kannst ?

mfg
10-18-2008 02:38 AM
Find all posts by this user
ZooL Offline
Moderator
*****
Moderators

Posts: 3,429
Joined: Jan 2007
Reputation: 79
Post: #6
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
Quote:Ist er als admin rauf? was ist damit gemeint?
naja ob er sich zugang zum admin account verschafft hat...
Quote:Welche Sicherheitseinstellungen kann ich im Admin festlegen bzw. wo?
als admin einloggen und dann auf settings ganz rechst.. da gibt es gewisse einstellungen
glaube für brute force war etwas dabei...

mfg
10-18-2008 03:03 AM
Visit this user's website Find all posts by this user
charam Offline
Newbie
*

Posts: 6
Joined: Oct 2008
Reputation: -1
Post: #7
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
hallöchen,

ja er konnte alles ändern, ob er was geändert hat kann ich derzeit nicht genau feststellen..

Ja diese Sicherheitseinstellungen waren alle ok und eingeschaltet.

Hier mal der Log auszug vom Server direkt:


58.186.228.179 - - [17/Oct/2008:09:02:53 +0200] "GET / HTTP/1.1" 200 1238 "http://www.myipneighbors.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:54 +0200] "GET /themes/omega_original/css/ispcp.css HTTP/1.1" 200 6211 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:54 +0200] "GET /themes/omega_original/css/ispcp.js HTTP/1.1" 200 1519 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:57 +0200] "GET /themes/omega_original/images/login/login_lock.jpg HTTP/1.1" 200 1336 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:57 +0200] "GET /themes/omega_original/images/login/login_top.jpg HTTP/1.1" 200 6244 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:02:57 +0200] "GET /themes/omega_original/images/button.jpg HTTP/1.1" 200 333 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:03:12 +0200] "GET / HTTP/1.1" 200 1242 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:03:14 +0200] "GET /favicon.ico HTTP/1.1" 200 1886 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:26 +0200] "POST /index.php HTTP/1.1" 302 127 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:35 +0200] "GET /client/index.php HTTP/1.1" 200 2322 "http://84.200.248.206/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:38 +0200] "GET /themes/omega_original/images/top/top_left.jpg HTTP/1.1" 200 8654 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/top/menu_separator.jpg HTTP/1.1" 200 652 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/top/top_left_bg.jpg HTTP/1.1" 200 10888 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/icons/general_big.gif HTTP/1.1" 200 1603 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/user_logos/isp_logo.gif HTTP/1.1" 200 53 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/icons/general_a.gif HTTP/1.1" 200 2503 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/top/top_right.jpg HTTP/1.1" 200 4549 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:39 +0200] "GET /themes/omega_original/images/icons/logout_interface.png HTTP/1.1" 200 1825 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/icons/domains.gif HTTP/1.1" 200 2656 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/content/table_icon_general.png HTTP/1.1" 200 1948 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/icons/email.gif HTTP/1.1" 200 2207 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/content/table_icon_traffic.png HTTP/1.1" 200 1907 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/stats_left.gif HTTP/1.1" 200 434 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/top/top_bg.jpg HTTP/1.1" 200 393 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:40 +0200] "GET /themes/omega_original/images/icons/ftp.gif HTTP/1.1" 200 2505 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/bars/stats_left.gif HTTP/1.1" 200 309 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/trans.gif HTTP/1.1" 200 43 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/bars/stats_right.gif HTTP/1.1" 200 309 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/stats_right.gif HTTP/1.1" 200 433 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/content/table_icon_diskusage.png HTTP/1.1" 200 1361 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/database.gif HTTP/1.1" 200 2528 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/webtools.gif HTTP/1.1" 200 1638 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/statistics.gif HTTP/1.1" 200 2131 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/icons/support.gif HTTP/1.1" 200 1965 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/menu_top.jpg HTTP/1.1" 200 2815 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/menu_bg.jpg HTTP/1.1" 200 485 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/link_bg.jpg HTTP/1.1" 200 948 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/middle_bg.jpg HTTP/1.1" 200 3292 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/stats_background.gif HTTP/1.1" 200 148 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/bars/stats_background.gif HTTP/1.1" 200 93 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:41 +0200] "GET /themes/omega_original/images/top/middle_right.jpg HTTP/1.1" 200 3693 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/database_a.gif HTTP/1.1" 200 2609 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/domains_a.gif HTTP/1.1" 200 2680 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/ftp_a.gif HTTP/1.1" 200 2518 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/webtools_a.gif HTTP/1.1" 200 1666 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/email_a.gif HTTP/1.1" 200 2245 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/statistics_a.gif HTTP/1.1" 200 2138 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:04:42 +0200] "GET /themes/omega_original/images/icons/support_a.gif HTTP/1.1" 200 1988 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:06 +0200] "GET /themes/omega_original/images/top/link_hover_bg.jpg HTTP/1.1" 200 954 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:28 +0200] "GET /client/support_system.php HTTP/1.1" 200 2019 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:30 +0200] "GET /themes/omega_original/images/icons/support_big.gif HTTP/1.1" 200 1525 "http://84.200.248.206/client/support_system.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:30 +0200] "GET /themes/omega_original/images/content/table_icon_support.png HTTP/1.1" 200 1673 "http://84.200.248.206/client/support_system.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:30 +0200] "GET /themes/omega_original/images/icons/general.gif HTTP/1.1" 200 2484 "http://84.200.248.206/client/support_system.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:44 +0200] "GET /client/webtools.php HTTP/1.1" 200 2301 "http://84.200.248.206/client/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/webmailicon.gif HTTP/1.1" 200 2193 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/awstatsicon.gif HTTP/1.1" 200 1164 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/htaccessicon.gif HTTP/1.1" 200 2215 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/errordocsicon.gif HTTP/1.1" 200 2120 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/content/table_icon_tools.png HTTP/1.1" 200 1385 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/webtools_big.gif HTTP/1.1" 200 1333 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/backupicon.gif HTTP/1.1" 200 2135 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:05:51 +0200] "GET /themes/omega_original/images/icons/filemanagericon.gif HTTP/1.1" 200 2005 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:01 +0200] "GET /tools/webmail/ HTTP/1.1" 302 - "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:02 +0200] "GET /tools/webmail/src/login.php HTTP/1.1" 200 2068 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:08 +0200] "GET /tools/webmail/themes/css/omega.css HTTP/1.1" 200 16578 "http://84.200.248.206/tools/webmail/src/login.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:10 +0200] "GET /tools/webmail/skins/omega/bg.jpg HTTP/1.1" 200 25111 "http://84.200.248.206/tools/webmail/themes/css/omega.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:10 +0200] "GET /tools/webmail/skins/omega/header_right_bg.png HTTP/1.1" 200 20967 "http://84.200.248.206/tools/webmail/themes/css/omega.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:11 +0200] "GET /client/manage_sql.php HTTP/1.1" 200 2642 "http://84.200.248.206/client/webtools.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/database_small.png HTTP/1.1" 200 683 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/db_comit.png HTTP/1.1" 200 843 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/add_user.gif HTTP/1.1" 200 493 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/pma.gif HTTP/1.1" 200 382 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/users.gif HTTP/1.1" 200 1181 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:12 +0200] "GET /themes/omega_original/images/content/table_icon_sql.png HTTP/1.1" 200 1679 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:13 +0200] "GET /themes/omega_original/images/icons/delete.png HTTP/1.1" 200 778 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:12 +0200] "GET /themes/omega_original/images/icons/database_big.gif HTTP/1.1" 200 1570 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:14 +0200] "GET /themes/omega_original/images/icons/change_password.png HTTP/1.1" 200 924 "http://84.200.248.206/client/manage_sql.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
58.186.228.179 - - [17/Oct/2008:09:06:14 +0200] "GET /themes/omega_original/images/content/tableheader.jpg HTTP/1.1" 200 354 "http://84.200.248.206/themes/omega_original/css/ispcp.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"


Gruss Paul




(10-18-2008 03:03 AM)ZooL Wrote:  
Quote:Ist er als admin rauf? was ist damit gemeint?
naja ob er sich zugang zum admin account verschafft hat...
Quote:Welche Sicherheitseinstellungen kann ich im Admin festlegen bzw. wo?
als admin einloggen und dann auf settings ganz rechst.. da gibt es gewisse einstellungen
glaube für brute force war etwas dabei...

mfg
10-18-2008 03:13 AM
Find all posts by this user
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #8
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
der kam *nur* in den Client-Bereich...
10-18-2008 07:41 AM
Visit this user's website Find all posts by this user
ZooL Offline
Moderator
*****
Moderators

Posts: 3,429
Joined: Jan 2007
Reputation: 79
Post: #9
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
genau Joximu...
so sieht man es ja an der url die er benutzt hat...

mfg
10-18-2008 07:52 AM
Visit this user's website Find all posts by this user
charam Offline
Newbie
*

Posts: 6
Joined: Oct 2008
Reputation: -1
Post: #10
RE: Sicherheitsleck im ISPCP 1.0.0 RC6 ?
Hallöchen,

"Wer die Türe öffnen kann , kann auch die Fenster öffnen"(Zarazustra)

Kann man den Clientbereich noch einmal zusätzlich absichern, z.b. mit PHP Access und wenn ja, welche Dateien muss ich absicher bzw. wie heißen diese oder wo liegt der Ordner indem ich die Accessdateien hochladen müsste?

Gruss Paul

(10-18-2008 07:52 AM)ZooL Wrote:  genau Joximu...
so sieht man es ja an der url die er benutzt hat...

mfg
10-18-2008 01:50 PM
Find all posts by this user
Thread Closed 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)