Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Linux is more secure but not invulnerable

Oct 03, 2013, 10:00 (1 Talkback[s])

Over the last week, I was called to check into why a CentOS server was behaving poorly. The server duty was for web/email. The shenanigans were first spotted when a particular email address on the server in question refused to authenticate. I logged into the cPanel, changed the email's password, and attempted to log into the user's webmail. The second I logged in, the password was automatically changed again.

So, I started digging around.

Unfortunately, the machine had been severely compromised through a PHP exploit. How did that happen? The machine was deployed and never updated. So, the PHP version being used had long since reached its end of life. Along with around 300 or so other packages that were sorely out of date, the machine was simply a sitting duck.

Complete Story

Related Stories: