Spam/phishing Emails By Remote Connection (hacked)

Apr 23, 2009

One day, you noticed that someone remotely connectted your computer and an application sends spam/phishing emails bu using your IP. What do you do?

Of course, I stopped the program and blocked remote connection for a while and changed my password... I any way, i have to connect my computer remotely... What do you advice?

By the way, i have more than 1000 email accounts on my computer. Hacker left me a gift, but I don't need them))

View 9 Replies


ADVERTISEMENT

Plesk 11.x / Linux :: Scripts Of SPAM And Phishing Installed On Server?

May 22, 2014

I are running an Plesk 11.5 on a Ubuntu 12.04 machine. Since days i have problems where i see scripts of phishing sites and mailer scripts installed in the httpdocs directory of various domain.

How I can prevent that people outsiders install this scripts on the server? Where is the bug that allows this?

View 4 Replies View Related

PHPLive Hacked, Used To Send Spam. Best Alternative?

Apr 18, 2007

We received a few days ago a warring that our server is spamming. We hired someone to find the problem and it turned out that someone was using our phplivesupport to send spam from our server. The person who we hired showed us this http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6769 ("Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the...")
I sent a ticket to them and asked when they are going to release a new version and they did not answer, I asked them for a refund and no answer.

1) What do you think about this whole situation? You don't think they should refund us? (or release a new version)

2) Which live chat alternative do you recommend?

View 9 Replies View Related

Remote Desktop Connection

Oct 27, 2009

I signed up for a windows VPS.

The directions I recieved were "Please use remote desktop to connect to your server."

So I entered the ip address into the remote desktop connection window and it doesn't connect. Where do I go from here? I searched and can't find any relevant info.

View 10 Replies View Related

Allow User Remote Connection

Aug 13, 2008

how to allow users to remote mysql from localhost ( in linux server with WHM )

my user wants to connect to mysql from his localhost

View 0 Replies View Related

Remote Connection To Domain Fails

Jun 17, 2009

I have an Ubuntu 8.04 server with 2 nerwork cards eth0 and eth1. I am using only eth0. The server is behind a 2-wire router. I have setup the router with the public IP addresses.

On the server I have setup an IP alias on eth0 as eth0:0. I have 3 domains which i will call foo1.com foo2.com and foo3.com. The server pc is assigned to a static public address on the router as 217.xx.xx.100 this same ip also used to setup the virtual host for foo1.com

Quote:

<VirtualHost 217.xx.xx.100:80>
ServerName foo1.com
ServerAlias www.foo1.com
ServerAdmin me@foo1.com
DocumentRoot /var/www/foo1/
</VirtualHost>

I have also setup and applied an ssl certificate to 217.xx.xx.100:443.

Now eth0:0 is assigned to 217.xx.xx.101 and used as below

Quote:

<VirtualHost 217.xx.xx.101:80>
ServerName foo2.com
ServerAlias www.foo2.com
ServerAdmin me@foo2.com
DocumentRoot /var/www/foo2/
</VirtualHost>

<VirtualHost 217.xx.xx.101:80>
ServerName foo3.com
ServerAlias www.foo3.com
ServerAdmin me@foo3.com
DocumentRoot /var/www/foo3/
</VirtualHost>

When I am on the router I can access all the domains via the browser and can also get FTP, and ssh connection to the server. However when I leave the range of the server and connect to the net via another router, I loose ftp and ssh access to the server as well as not able to browse www.foo1.com. However www.foo2.com and www.foo3.com I can browse.

View 3 Replies View Related

Host For Remote MySQL Connection

Feb 21, 2008

I have developed a desktop system that uses MySQL data.

I want to use a host to access the data but my current provider only allows access to MySQL data via a web server.

Can anyone suggest a host that would provide direct connection to a MySQL database?

View 11 Replies View Related

Allow User To Remote Mysql Connection

Aug 15, 2008

how to allow user to remote mysql connection from his localhost ( in linux server with WHM )

my user wants to connect to the mysql from his localhost

View 7 Replies View Related

Remote Desktop Connection For Linux

Apr 25, 2008

My hoster told me to use PuTTY, a terminal, to install something called a vnc. I tried to install it ,but gets rejected everytime I connect.(I was using realvnc and connecting through a tunnel) Is there another way to get to the GUI or something like that?

I am using Vista and trying to connect to Linux (Debian)

View 6 Replies View Related

Windows And Linux Remote Desktop Connection

May 25, 2009

I know we can get remote Desktop connection only on those servers based on Windows 2003 OS or Windows 2008 OS.

But what about Linux? Can I have such remote desktop connection on CentOS 5?

Another question is, what is nxclient?
[url]

Im bit confused. Can I get remote desktop connection of Linux OS ( CentOS ) on my Windows XP by using this software?

[url]

View 7 Replies View Related

Cpanel Mysql Remote Connection USE EXIST DB

Jun 29, 2009

A have set up a cpanel with remote mysql server.

My demo config:

cpanel:

centos VPS with cpanel WHM (demo)

mysql:

debian VPS

the configuration is OK, it works.

We have got 200 customers, and we will to change to cpanel.

The MYSQL server is on a solaris zone. It is possible to make the remote connecting with it. I will import the 200 users MYSQL databases to cpanel, with privileges (user settings). The mail/web dir a will import manuali to cpanel server(copy-paste-setuser:group).

View 0 Replies View Related

MySQL Remote Connection Problem After A Heavy Usage

Aug 8, 2008

I have 2 identical Fedora8 boxes with Apache 2.2.8, MySQL 5.0.45 and PhP 5.2.4. I use one as the Web+DB server (say box A), and the other (box B) just as the Web server connecting to the DB server on box A. I use this 2 machine configuration to test a LAMP based-Web application. I have a client program on other machines that can emulate a massive web workload to these 2 servers; it can emulate hundreds to thousands of users using the application simultaneously.

Before running the test, the connection to the DB server from both boxes seem fine. Using the mysql client program on either box A or B trying to connect to the DB, the connection goes through instantly. In the /etc/my.cnf file, I have max_connections=4096 and max_user_connections=4096. Note that the web app uses one single db user to connect to the db. To allow remote connection, I inserted one record into the user table of the mysql db whose the host field's value is '%' (allow connection from all remote hosts).

After running the test (which I found out that many requests sent to box B failed), mysql client program on box A is still able to connect to the db instantly; but the one on box B has a problem: it takes extremely long (5 - 10 minutes or even more) to establish the connection, it doesn't time out, just takes that long. I believe that's the cause for the failure of requests to box B.

View 1 Replies View Related

Failcnt Error #422: Cannot Initialize Connection To Remote Host

Dec 23, 2008

my site is working fine for somedays and suddenly its stoped and hanged and also my PPP is not working , and file manager in PPP its give me this error
VZAgent returns error #422: "Cannot initialize connection to remote host"
and the suppord admin said I have problem in failcnt

[root@server ~]# cat /proc/user_beancounters
Version: 2.5
uid resource held maxheld barrier limit failcnt
1592: kmemsize 18353610 18355203 65536000 65536000 0
lockedpages 0 0 256 256 0
privvmpages 166455 171964 262144 262144 119810
shmpages 4885 4885 131072 131072 0
dummy 0 0 2147483647 2147483647 0
numproc 150 150 600 600 0
physpages 101554 108439 0 2147483647 0
vmguarpages 0 0 196608 196608 0
oomguarpages 101554 108439 196608 196608 0
numtcpsock 141 141 600 600 0
numflock 7 8 300 330 0
numpty 1 1 16 16 0
numsiginfo 0 1 384 384 0
tcpsndbuf 2350036 2625064 32768000 36864000 0
tcprcvbuf 2310144 2129920 32768000 36864000 0
othersockbuf 32976 573000 32768000 36864000 0
dgramrcvbuf 0 4284 1024000 1024000 0
numothersock 32 32 600 600 0
dcachesize 642510 653661 8192000 8192000 0
numfile 2636 2663 20000 20000 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
numiptent 228 228 700 700 0

I want to know what is my ram site and why that all errors?

View 6 Replies View Related

My Screen Is Too Wide For "Remote Desktop Connection

Dec 17, 2007

I am trying to access my server remotely using Windows' Remote Desktop Connection. It functions perfectly, but it does not go full screen because my local screen res is 1680x1050 ...

Does anyone know any other remote desktop applications which work better in this way?

I know I could just change the local res settings but it is a bit of a nuisance and looks really weird if I set it to something non-wide-screen...

View 1 Replies View Related

Ping Doesnt Work Until Remote Desktop Connection Is Made

Nov 14, 2007

I have a remote XP PC: 172.16.1.5 OpenVPN connection with route added for 192.168.2.0/24 to go via the VPN

Now on the other end the network consists of:

I have a OpenVPN server inside the lan on 192.168.2.245
Its default gateway is 192.168.2.1

I have 3 Windows Servers, 192.168.2.246, 247 and 248. All gateways are set to 192.168.2.1.

I have a ethernet router on the network, 192.168.2.1, it has a route added for 192.168.0.0/16 to go via 192.168.2.245, and route added for 172.16.0.0/24 to go via 192.168.2.245 also). the 192.168.0.0/16 is incase any other LANs are connected at a later date, if computers saw any packets not on the the 192.168.2.x subnet they would be routed to the default gateway which would then pass them to the OpenVPN router.

The trouble is, i can remotely connect and ping to the OpenVPN router fine and also the ethernet router, however when i ping any of the Windows boxes it times out. But i can open up Remote Desktop and connect to the windows box without problem, infact if i am running 'ping 192.168.2.246 -t' it will suddenly come alive but only after the RDP connection is made.

Is this something funny with the routing? I want to keep the OpenVPN server internal to the network and i appreciate it is hitting the ethernet router then being passed to the OpenVPN but something is weird as it fires up RDP fine but not ping. No firewalls are enabled on any of the boxes. If i log into ssh on the OpenVPN router or ethernet router i can ping from that to the windows boxes fine.

Its as if a ICMP redirect is issued, and all is well after the 1st connection. Not too sure but could anyone be kind enough to enlighten me?

View 1 Replies View Related

Remote Spam Filtering

Jan 4, 2007

We have a serious spam email problem. Can anyone recommend a good Remote Spam Filtering service?

View 2 Replies View Related

Helo Error - Not Acepting Remote Emails

Jul 5, 2008

domain1.com has two servers:

#Server PHP - hosts php and handles apache/mysql requests.
#Server 2 - handles mail and dns requests.

Yesterday we moved mail from # server 2 to a new mail server, a cPanel one, all mailboxes are created, users can send and recieve email using webmail, mail clients, etc.

But.. while trying to send mails using PHP authenticated from the #Server PHP/Apache/MySQL , we got this error from the mail servers:

Code:
We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. SMTP -> FROM SERVER: SMTP -> FROM SERVER: SMTP -> ERROR: HELO not accepted from server: SMTP -> get_lines(): $data was "" SMTP -> get_lines(): $str is "220-srv247.serverhost.com
This was working when mails were recieved/sent in Sendmail (an Ensim box), now with Exim 4.x on a cPanel box we got this issue.

Already added IP address from #server php into all Exim whitelists, also added the IP to /etc/alwaysrely, but didn't help.

Im using RHE 5.2 on the mail server and latest Release build.

View 3 Replies View Related

Emails Spam

Jun 25, 2009

im getting 50 and more spam mails each day, how do i secure my vps to stop 99% of the spam from coming in as i understand theres no way to completely block spams.

Im using directadmin control panel and enabled SpamAssasain but its not much of use even when i apply strict options on it.

View 3 Replies View Related

All Emails End Up In Spam, Any ISP

May 9, 2008

Got this strange issue here. Comcast customers cannot receive any emails sent from my server. With the others, most of the emails are being sent to a spam folder instead of inbox.

Serve is Centos 5 / Cpanel

I confirmed IP has proper reverse dns and is not blaclisted. I also setup SPF as well.

View 1 Replies View Related

Get Rid Of Spam Emails

Apr 29, 2008

I am using couple of emails on my domain since 3 years. I am having a big amount of spam emails. If I use SpamAssassin™ in the Cpanel it will miss sometimes hotmail, yahoo emails etc.. If I disable it, I will continue receiving those spam emails. However, some of my clients uses free emails like hotmail and yahoo.

View 10 Replies View Related

Yahoo : Spam Emails ?

Sep 18, 2006

Some of my emails send to the clients who are using Yahoo's email is stored in their " Bulk " folder, so Yahoo is considering my email as spamer althought i'm not. So do you know how can i fix it ? Do i need to contat Yahoo about this matter ?

View 1 Replies View Related

Catching Spam Emails

Jul 25, 2009

We use some spam blockers that come with cPanel but sometimes it feels like it isn't enough to block out all spam coming in and going out of the server. Anyone here have any experience with any other third party softwares that may be able to stop emails in its track basing it on the content of the email itself?

View 4 Replies View Related

Cpanel: SPAM IN YOUR EMAILS!

Jul 27, 2008

I would like to offer some good advice to people who Host thier sites with Hostgator or any other Webhosts who provide Cpanel. Please Check your "Mail" feature.

I just check all of my sites Mail in the Mail section.

All of my sites do not have webmail set up, but I was surprised to find tens of thousans of spam mails and I dont even have any email accounts set up!

This was causing me to get 'iNode" warnings that my account would be soon suspended and I should upgrade my site to Dedicated Hosting, something I cannot afford!
Go to [url]
Steps

1. Click on Mail
2. Click on Webmail
3. Click on Horde
4. Login
5. Click on Mail

SURPRISE! Do you too have thousands of Spams ... even if you dont even have an email account set up?

If you folder is full of thousands of Spams then do this...

6. Click on Folders
7. Tick Inbox
8. Choose Empy Folders from the Drop Down box above
9. Click Empty Selected Folders
10. Do this regularly before you get an email from Hostgator like this:

Quote:

WARNING: gator85.hostgator.com: comscout: 63970 inodes

Server: gator85
User: xxxxx
Email: xxxxx(Owner)
iNodes: 63970 (warning)

Date: Sun Jul 27 00:22:59 CDT 2008
Email: xxxx
Account Name: xxxxx
Server: gator85.hostgator.com
iNodes (Files): 63970/50,000 (127.00%)

Hello,

To maintain the highest level of performance on our shared servers we have a maximum inode (file) limit of 50,000 inodes (files) per account. The size of the file does not matter, only the number of files. For example, a DVD image (say, 4.5gb) only counts as one inode, or file. Our limit, as outlined in our terms of service, is 50,000 files per account. We generally don't hold people strictly to this limit, but at the same time we expect our users to respect the limits of the system. When an account has hundreds of thousands of files, it significantly degrades overall disk performance, as each file on the disk must be tracked/indexed.

An easy analogy would be a table of contents or glossary for a book. If the book only has a few hundred pages, the index or glossary is likely to be small and easy to search. If the book has 5,000 pages, finding what you want might take significantly longer. The file system on a server works in a similar way, just on a larger scale. Our experience has shown that 50,000 files per account is a fair number, and accounts that exceed that by a significant amount cause disk performance issues. This message is to inform you that the listed account has significantly exceeded our limits for disk inodes/files and could potentially lead to disk issues.

It is also important to realize that accounts that exceed the inode (file) limit are not backed up by our courtesy weekly backup service, per section 7b of our Terms of Service. Of course, we advise every user to run their own backups to be safe. Accounts over our the 50,000 inode limit are bypassed so that backups can complete in a timely fashion for everyone. Otherwise, accounts with hundreds of thousands or more inodes will utilize more server resources than other accounts, and could lead to file system errors on our backup servers.

This account will be re-checked again in 7 days to verify it is below 50,000 files. If this account remains above the maximum inode limit after repeated checks, we'll have to review the situation further and advise a course of action. It is critical that one of the following actions take place before that happens:

a) reduce the number of inodes/files. This change must be permanent; if you have a high number of cache files or similar, and you expect them to naturally exceed the inode limit again in the future, the configuration must be changed to limit the total number of cached files.

If you are completely unaware of the source of the inodes, it may be that you have left your default mailbox enabled, and never cleared it. Over time, it can fill up with spam, consuming hundreds of thousands of inodes. If you have a catch-all enabled on your account, this can greatly increase the amount of mail/spam that our account receives and will raise your inode usage quickly unless routinely emptied. If you would like assistance clearing these folders from unwanted email or removing the catch-all from your account, please let us know and we would be happy to assist you.

The default mailbox is located at:

/home/xxxx/mail/cur
/home/xxxxx/mail/new

b) upgrade to dedicated service, where inode counts are no longer checked. In many cases, accounts that significantly exceed our inode/file limits have simply outgrown the shared environment, and a dedicated server is the logical choice. In many cases, the transfer from a shared to dedicated server will incur no charge. In rare situations, accounts with excessive numbers of accounts or users may require a fee; the transfer department would advise you of that fact prior to the transfer taking place. If you've read this far, it's clear you're serious about taking care of the issue and we can offer you 50% off off the first month's purchase of a dedicated server. To receive the discount, please:

- Reply to this email stating you'd like to upgrade. You will
automatically be assigned a ticket number, which will be
visible in the subject line. You may need to confirm your
email if this is the first time you've ever sent us a
ticket or emailed one of our departments.

- Order a dedicated server:
[url]

- Email sales@hostgator.com after placing your order. This
promotion is unadvertised, and must be manually approved.
You must reference the ticket # you receive (above) to
qualify for the discounted rate. This promotion only
applies to dedicated servers priced $ 219.00 or higher.

We thank you for taking the time to resolve this issue. If you have any questions or perhaps you are not sure what could be causing the high number of inodes, we can help you with that. Simply reply to this email and we will be more than happy to assist you.

As soon as I deleted all of my emails, guess what .... I already have 4 Spam emails, that is very quick!

I have 4 main sites with hostgator and this how much emails I have without knowing:

Site 1: 27,237 Spam Emails
Site 2: 43,438 Spam Emails
Site 3: 7,398 Spam Emails
Site 4: 63,972 Spam Emails

This is who one Spam was from:

To: myaccount@gator257.hostgator.com

So the spammers send the emails to gator257.hostgator.com and so forth!

That is crap! Surely they can fix it, as I say, I dont even have a email account in my Cpanel!

View 6 Replies View Related

100's Of Spam Emails Per Hour

Jan 6, 2008

I'm getting literally about 100 of these per hour easy in whm > mail queue! Where is it coming from and how do I stop this?

1JBOml-0008CW-Fz-H
mailnull 47 12
<>
1199600103 0
-ident mailnull
-received_protocol local
-body_linecount 33
-max_received_linelength 115
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
root@server.domain.com

154P Received: from mailnull by server.domain.com with local (Exim 4.68)
id 1JBOml-0008CW-Fz
for root@server.domain.com; Sun, 06 Jan 2008 00:15:03 -0600
038 X-Failed-Recipients: admin@domain.com
029 Auto-Submitted: auto-replied
063F From: Mail Delivery System <Mailer-Daemon@server.domain.com>
029T To: root@server.domain.com
059 Subject: Mail delivery failed: returning message to sender
052I Message-Id: <E1JBOml-0008CW-Fz@server.domain.com>
038 Date: Sun, 06 Jan 2008 00:15:03 -0600

1JBOml-0008CW-Fz-D
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

admin@domain.com
SMTP error from remote mail server after RCPT TO:<admin@domain.com>:
host sentry.domainbank.com [64.85.73.28]: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

------ This is a copy of the message, including all the headers. ------

Return-path: <root@server.domain.com>
Received: from root by server.domain.com with local (Exim 4.68)
(envelope-from <root@server.domain.com>)
id 1JBOmk-0008CJ-To
for admin@domain.com; Sun, 06 Jan 2008 00:15:02 -0600
To: admin@domain.com
Subject: Services(2) failed
From: monitor@domain.com
Message-Id: <E1JBOmk-0008CJ-To@server.domain.com>
Date: Sun, 06 Jan 2008 00:15:02 -0600

Address:domain.com

Following services are down:

SSH(22)
MySQL(3306)

View 5 Replies View Related

Spam Emails Being Sent From Server

Nov 25, 2008

I have reason to believe that a site on my server was hacked and is now being used to send out spam emails.

View 9 Replies View Related

Emails Going To SPAM Folders

May 15, 2008

I can send e-mails out but many times they go directly to the recipient's SPAM box.

Also, my server cannot send to any company e-mail that uses MXLogic.net's services.

Going to [url]<--My server IP is on ZERO blacklists.

/etc/resolv.conf appears correct
/etc/hosts also appears correct

Is there something that I am overlooking?

View 3 Replies View Related

Emails Sent Recognized As SPAM

Feb 12, 2007

how not to get recognized as spam, when I send an email from my company's website (@pulsion dot ca), it gets to the spam folder of my custommers.

View 4 Replies View Related

How Do We Know If Our Emails Will Be SPAM Filtered

Feb 7, 2007

how I know if my email will pass if I send it to a custommer, I don't want SPAM lost mails

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved