Hello Brian,
Saturday, October 11, 2008, 10:03:37 PM, you wrote:
Thanks very much for the feedback. I have been thinking since I moved to this server in May that something wasn't quite right. All of my administrative email accounts have been hijacked and forged headers have been used to execute major spam attacks. I got thousands of email rejections from all over the planet. The IP address of the mailserver has been perpetually flagged as a spammer so that my member notification almost never get delivered and a series of things have happened to make me think that there is a loose cannon on that server that pretty much runs amok any time he wants to. Only a gut feeling on my side but THEY should know if someone is compromising their server. I DO know that I have never had any kind of problems like this on any Host Provider I have ever had in the past and they have ALL been shared server reseller accounts, even the bad ones didn't give me security headaches. I am very much aware of the vulnerabilities in the software I am using and have added code to prevent the hackers from accessing my include file which is one of the known exploits that have plagued this software in the past. The don't know, of forgot that I do development work on this stuff and told me that my software was "out of rev" and that I should upgrade it. In fact I forgot more about this software than they know but it was a laughable suggestion anyway (I run a technical support site for this software and have installed versions of every thing that has ever been released that I use to support the products). I used to do stuff like that when I did technical support on VMS/Pathworks too many years ago, LOL some things never change!
Actually, its not the first time I have been attacked using this software but it is the first time I have seen a hack on any of my sites, but I think your possible explanation makes me feel a little less anxious about it. I hadn't thought about that SSH access but that very definitely is a candidate.
Thanks to every body who responded I have a good deal of info now that didn't have a couple of hours ago.
Thanks very much.
--
Best regards,
mikesz mailto:[EMAIL PROTECTED]
_______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
