Prv8 Shell
Server : Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
System : Linux server.jackjohnson.com 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64
User : jackjohn ( 502)
PHP Version : 5.3.17
Disable Function : NONE
Directory :  /home/jackjohn/mail/.jackjohnson@jackjohnson_com/cur/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/jackjohn/mail/.jackjohnson@jackjohnson_com/cur/1349317088.001042.mbox:2,
Return-Path: <root@jackjohnson.nethosting.com>
Received: from jackjohnson.nethosting.com (localhost [127.0.0.1])
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6) with ESMTP id l7296tYM045632
	for <root@jackjohnson.nethosting.com>; Thu, 2 Aug 2007 03:06:56 -0600 (MDT)
Received: (from root@localhost)
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6/Submit) id l7296sbh045563
	for root; Thu, 2 Aug 2007 03:06:54 -0600 (MDT)
Date: Thu, 2 Aug 2007 03:06:54 -0600 (MDT)
From: Charlie Root <root@jackjohnson.nethosting.com>
Message-Id: <200708020906.l7296sbh045563@jackjohnson.nethosting.com>
To: root@jackjohnson.nethosting.com
Subject: jackjohnson.nethosting.com security run output


Checking setuid files and devices:
find: fts_read: No such file or directory

jackjohnson.nethosting.com setuid diffs:
--- /var/log/setuid.today	Thu Jun 21 03:06:40 2007
+++ /tmp/security.40omurl6	Thu Aug  2 03:06:53 2007
@@ -1,12 +1,11 @@
 124664331 -r-sr-xr-x  1 man   wheel      33152 Mar 12 11:24:42 2007 /backup/usr/local/bin/jman
 124664368 -rwxr-sr-x  1 root  mail       12784 Nov 17 18:17:16 2005 /backup/usr/local/bin/lockfile
-124664407 -rwxr-sr-x  1 root  mail        7668 May 21 11:27:15 2007 /backup/usr/local/bin/muttng_dotlock
+124664406 -rwxr-sr-x  1 root  mail        7668 Jul  2 09:23:09 2007 /backup/usr/local/bin/muttng_dotlock
 124664700 -rwsr-sr-x  1 root  mail       74140 Nov 17 18:17:16 2005 /backup/usr/local/bin/procmail
 124664757 -rws--x--x  1 root  wheel     949226 Nov 14 15:32:22 2005 /backup/usr/local/bin/sperl5.8.7
 124664762 ---s--x--x  2 root  wheel      95216 Apr 16 08:55:06 2007 /backup/usr/local/bin/sudo
 124664762 ---s--x--x  2 root  wheel      95216 Apr 16 08:55:06 2007 /backup/usr/local/bin/sudoedit
 124665026 -rws--x--x  1 root  wheel     267620 May 22 11:48:16 2007 /backup/usr/local/bin/xterm
-124956217 -rwx--s--x  1 root  mail       12499 Nov 18 10:34:50 2005 /backup/usr/local/libexec/mlock
 124242811 -r-sr-xr-x  1 root  wheel      18332 Nov  3 01:10:07 2005 /bin/rcp
 124373523 -r-sr-xr-x  1 root  wheel      22528 Nov 18 08:57:07 2005 /sbin/ping
 124373524 -r-sr-xr-x  1 root  wheel      30696 Sep 20 14:15:21 2006 /sbin/ping6
@@ -23,13 +22,13 @@
 124394780 -r-sr-xr-x  6 root  wheel   17532 Nov  3 01:11:18 2005 /skel/usr/bin/chpass
 124394780 -r-sr-xr-x  6 root  wheel   17532 Nov  3 01:11:18 2005 /skel/usr/bin/chsh
 124394798 -r-sr-xr-x  1 root  wheel      27136 Nov 18 09:13:29 2005 /skel/usr/bin/crontab
-124394832 -r-xr-sr-x  1 root  kmem       18984 Nov 18 09:12:26 2005 /skel/usr/bin/fstat
+124394461 -r-xr-sr-x  1 root  kmem       19016 Jun 29 14:24:15 2007 /skel/usr/bin/fstat
 124394897 -r-sr-xr-x  1 root  wheel       7680 Nov  3 01:11:23 2005 /skel/usr/bin/lock
 124394900 -r-sr-xr-x  1 root  wheel      17616 Nov  3 01:11:23 2005 /skel/usr/bin/login
 124394907 -r-sr-sr-x  1 root  daemon     24752 Nov  3 01:11:48 2005 /skel/usr/bin/lpq
 124394908 -r-sr-sr-x  1 root  daemon     27668 Nov  3 01:11:48 2005 /skel/usr/bin/lpr
 124394909 -r-sr-sr-x  1 root  daemon     23280 Nov  3 01:11:48 2005 /skel/usr/bin/lprm
-124394933 -r-xr-sr-x  1 root  kmem      101088 Sep 19 14:36:42 2006 /skel/usr/bin/netstat
+124394462 -r-xr-sr-x  1 root  kmem      108148 Jun 26 16:17:10 2007 /skel/usr/bin/netstat
 124394948 -r-sr-xr-x  1 root  wheel       4128 Nov  3 01:11:27 2005 /skel/usr/bin/opieinfo
 124394950 -r-sr-xr-x  1 root  wheel      10472 Nov  3 01:11:28 2005 /skel/usr/bin/opiepasswd
 124394952 -r-sr-xr-x  2 root  wheel       5828 Nov  3 01:11:28 2005 /skel/usr/bin/passwd
@@ -50,15 +49,14 @@
 124641831 -rwsr-xr-x  1 root  wheel   19380 Feb 28 13:55:07 2007 /skel/usr/local/apache2/bin/suexec
 124664331 -r-sr-xr-x  1 man   wheel   33152 Mar 12 11:24:42 2007 /skel/usr/local/bin/jman
 124664368 -rwxr-sr-x  1 root  mail    12784 Nov 17 18:17:16 2005 /skel/usr/local/bin/lockfile
-124664407 -rwxr-sr-x  1 root  mail      7668 May 21 11:27:15 2007 /skel/usr/local/bin/muttng_dotlock
+124664406 -rwxr-sr-x  1 root  mail     7668 Jul  2 09:23:09 2007 /skel/usr/local/bin/muttng_dotlock
 124664700 -rwsr-sr-x  1 root  mail     74140 Nov 17 18:17:16 2005 /skel/usr/local/bin/procmail
 124664757 -rws--x--x  1 root  wheel   949226 Nov 14 15:32:22 2005 /skel/usr/local/bin/sperl5.8.7
 124664762 ---s--x--x  2 root  wheel    95216 Apr 16 08:55:06 2007 /skel/usr/local/bin/sudo
 124664762 ---s--x--x  2 root  wheel    95216 Apr 16 08:55:06 2007 /skel/usr/local/bin/sudoedit
 124665026 -rws--x--x  1 root  wheel   267620 May 22 11:48:16 2007 /skel/usr/local/bin/xterm
 124698111 -rwsr-xr-x  1 root  bin      11451 Jun 27 14:18:28 2003 /skel/usr/local/frontpage/version5.0/apache-fp/_vti_bin/fpexe
-124956217 -rwx--s--x  1 root  mail     12499 Nov 18 10:34:50 2005 /skel/usr/local/libexec/mlock
-125023576 -r-s--x--x  1 root  wheel    15431 Mar 14 23:52:22 2007 /skel/usr/local/sbin/sinfo
+125023737 -r-s--x--x  1 root  wheel     7744 Jun 27 16:08:23 2007 /skel/usr/local/sbin/sinfo
 125401144 -r-xr-sr-x  1 root  daemon   43112 Nov  3 01:11:47 2005 /skel/usr/sbin/lpc
 125401191 -r-sr-xr-x  1 root  wheel    23264 Nov 18 08:56:11 2005 /skel/usr/sbin/traceroute
 125401192 -r-sr-xr-x  1 root  wheel    16916 Nov 18 08:56:18 2005 /skel/usr/sbin/traceroute6
@@ -66,7 +64,7 @@
 125686084 -r-sr-xr-x  1 man   wheel    33152 Mar 12 11:24:42 2007 /skel/var/tmp/instmp.stFjdP/bin/jman
 124664331 -r-sr-xr-x  1 man   wheel      33152 Mar 12 11:24:42 2007 /usr/X11R6/bin/jman
 124664368 -rwxr-sr-x  1 root  mail       12784 Nov 17 18:17:16 2005 /usr/X11R6/bin/lockfile
-124664407 -rwxr-sr-x  1 root  mail        7668 May 21 11:27:15 2007 /usr/X11R6/bin/muttng_dotlock
+124664406 -rwxr-sr-x  1 root  mail        7668 Jul  2 09:23:09 2007 /usr/X11R6/bin/muttng_dotlock
 124664700 -rwsr-sr-x  1 root  mail       74140 Nov 17 18:17:16 2005 /usr/X11R6/bin/procmail
 124664757 -rws--x--x  1 root  wheel     949226 Nov 14 15:32:22 2005 /usr/X11R6/bin/sperl5.8.7
 124664762 ---s--x--x  2 root  wheel      95216 Apr 16 08:55:06 2007 /usr/X11R6/bin/sudo

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

jackjohnson.nethosting.com login failures:
Aug  1 19:13:35 jackjohnson sshd[86034]: Failed password for invalid user test from 212.210.63.18 port 2421 ssh2
Aug  1 19:13:37 jackjohnson sshd[86053]: Failed password for invalid user guest from 212.210.63.18 port 2644 ssh2
Aug  1 19:13:39 jackjohnson sshd[86072]: Failed password for invalid user admin from 212.210.63.18 port 2855 ssh2
Aug  1 19:13:41 jackjohnson sshd[86095]: Failed password for invalid user admin from 212.210.63.18 port 3085 ssh2
Aug  1 19:13:43 jackjohnson sshd[86123]: Failed password for invalid user user from 212.210.63.18 port 3300 ssh2

jackjohnson.nethosting.com refused connections:

-- End of security output --

haha - 2025