Is there then a way to secure squirrelmail, or any other webmail prog.
This is a default install of qmail with the ISO.
Not having it is not an option, as most of the clients can only use webmail as
they are on the road daily.
Thanks
----- Original Message -----
From: Jake Vickers
To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, April 08, 2010 5:53 PM
Subject: Re: [qmailtoaster] spam
On 04/08/2010 04:21 PM, madmac wrote:
Well anyone that can guess my passwords must be amazing.
Let alone get through the elaborate firewall system.
ssh port is " non standard "
But I agree, this box is compromised " some how "
File count now at 9580 and counting
Are all of the files that are "infected" from mailboxes?
It does sound like your machine has been compromised. If you leave
Squirrelmail open (ie: no protection against password attacks) or have other
webapps running then this is the most likely place for them to get in. Once
they have an account's login credentials, they can upload things to themselves
and run them (don't ask me how - I never looked at how they did it - I just
fixed it) and then brute force passwords from the local machine to obtain other
access or whatever they are looking to do.
I had one a year or so back where a guy installed phpbb - when he came in the
next day someone had emailed him his root password. He reinstalled and put
phpbb back on and had his machine compromised in about 2 hours after that.
