.

Prv8 Shell
Server : Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
System : Linux server.jackjohnson.com 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64
User : jackjohn ( 502)
PHP Version : 5.3.17
Disable Function : NONE
Directory : /home/jackjohn/mail/jackjohnson.com/jackjohnson/cur/
Upload File :
Current File : /home/jackjohn/mail/jackjohnson.com/jackjohnson/cur/1349317088.000120.mbox:2,
Date: Thu, 15 Mar 2007 03:06:06 -0600 (MDT)
From: Charlie Root <root@jackjohnson.nethosting.com>
Message-Id: <200703150906.l2F966PB086441@jackjohnson.nethosting.com>
To: root@jackjohnson.nethosting.com
Subject: jackjohnson.nethosting.com security run output


Checking setuid files and devices:

jackjohnson.nethosting.com setuid diffs:
--- /var/log/setuid.today	Mon Mar 12 03:04:54 2007
+++ /tmp/security.qVjsSE3V	Thu Mar 15 03:06:05 2007
@@ -1,3 +1,11 @@
+124664343 -r-sr-xr-x  1 man   wheel    33152 Nov  2 12:34:29 2006 /backup/usr/local/bin/jman
+124664368 -rwxr-sr-x  1 root  mail     12784 Nov 17 18:17:16 2005 /backup/usr/local/bin/lockfile
+124664413 -rwxr-sr-x  1 root  mail      7668 Jan  3 09:10:32 2007 /backup/usr/local/bin/muttng_dotlock
+124664700 -rwsr-sr-x  1 root  mail     74140 Nov 17 18:17:16 2005 /backup/usr/local/bin/procmail
+124664757 -rws--x--x  1 root  wheel   949226 Nov 14 15:32:22 2005 /backup/usr/local/bin/sperl5.8.7
+124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudo
+124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudoedit
+124956217 -rwx--s--x  1 root  mail     12499 Nov 18 10:34:50 2005 /backup/usr/local/libexec/mlock
 124242811 -r-sr-xr-x  1 root  wheel      18332 Nov  3 01:10:07 2005 /bin/rcp
 124373523 -r-sr-xr-x  1 root  wheel      22528 Nov 18 08:57:07 2005 /sbin/ping
 124373524 -r-sr-xr-x  1 root  wheel      30696 Sep 20 14:15:21 2006 /sbin/ping6

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

jackjohnson.nethosting.com login failures:
Mar 14 01:34:46 jackjohnson ipop3d[65126]: Login failed user=postmaster auth=postmaster host=vr2n.npptema.ru [81.211.0.6]
Mar 14 01:34:59 jackjohnson ipop3d[65145]: Login failed user=postmaster@jackjohnson.com auth=postmaster@jackjohnson.com host=vr2n.npptema.ru [81.211.0.6]
Mar 14 03:57:42 jackjohnson ipop3d[82013]: Login failed user=webmaster auth=webmaster host=[213.251.192.226]
Mar 14 03:57:46 jackjohnson ipop3d[82020]: Login failed user=webmaster@jackjohnson.com auth=webmaster@jackjohnson.com host=[213.251.192.226]
Mar 14 06:39:06 jackjohnson ipop3d[94997]: Login failed user=info auth=info host=vr2n.npptema.ru [81.211.0.6]
Mar 14 06:39:10 jackjohnson ipop3d[95001]: Login failed user=info@jackjohnson.com auth=info@jackjohnson.com host=vr2n.npptema.ru [81.211.0.6]
Mar 14 08:28:33 jackjohnson ipop3d[6216]: Login failed user=postmaster auth=postmaster host=vr2n.npptema.ru [81.211.0.6]
Mar 14 08:28:37 jackjohnson ipop3d[6229]: Login failed user=postmaster@jackjohnson.com auth=postmaster@jackjohnson.com host=vr2n.npptema.ru [81.211.0.6]
Mar 14 10:15:03 jackjohnson ipop3d[21495]: Login failed user=webmaster auth=webmaster host=vr2n.npptema.ru [81.211.0.6]
Mar 14 10:15:07 jackjohnson ipop3d[21513]: Login failed user=webmaster@jackjohnson.com auth=webmaster@jackjohnson.com host=vr2n.npptema.ru [81.211.0.6]
Mar 14 11:46:05 jackjohnson ipop3d[35767]: Login failed user=allarm auth=allarm host=vr2n.npptema.ru [81.211.0.6]
Mar 14 11:46:09 jackjohnson ipop3d[35786]: Login failed user=allarm@jackjohnson.com auth=allarm@jackjohnson.com host=vr2n.npptema.ru [81.211.0.6]
Mar 14 12:10:38 jackjohnson sshd[40005]: Failed password for invalid user fax from 87.106.67.64 port 36301 ssh2
Mar 14 12:10:40 jackjohnson sshd[40021]: Failed password for invalid user uploader from 87.106.67.64 port 36437 ssh2
Mar 14 12:10:41 jackjohnson sshd[40032]: Failed password for invalid user upload from 87.106.67.64 port 36575 ssh2
Mar 14 12:10:43 jackjohnson sshd[40067]: Failed password for invalid user uploader from 87.106.67.64 port 36725 ssh2
Mar 14 12:10:44 jackjohnson sshd[40080]: Failed password for invalid user uploader from 87.106.67.64 port 36860 ssh2
Mar 14 14:32:54 jackjohnson sshd[67049]: Failed password for invalid user test from 222.106.110.103 port 37687 ssh2
Mar 14 14:32:57 jackjohnson sshd[67082]: Failed password for invalid user guest from 222.106.110.103 port 37802 ssh2
Mar 14 14:32:59 jackjohnson sshd[67115]: Failed password for invalid user admin from 222.106.110.103 port 37907 ssh2
Mar 14 14:33:01 jackjohnson sshd[67153]: Failed password for invalid user admin from 222.106.110.103 port 38007 ssh2
Mar 14 14:33:04 jackjohnson sshd[67207]: Failed password for invalid user user from 222.106.110.103 port 38110 ssh2
Mar 14 18:34:20 jackjohnson sshd[2837]: Failed password for invalid user test from 218.1.65.233 port 43934 ssh2
Mar 14 18:34:22 jackjohnson sshd[2872]: Failed password for invalid user guest from 218.1.65.233 port 44046 ssh2
Mar 14 18:34:24 jackjohnson sshd[2904]: Failed password for invalid user admin from 218.1.65.233 port 44152 ssh2
Mar 14 18:34:26 jackjohnson sshd[2936]: Failed password for invalid user admin from 218.1.65.233 port 44252 ssh2
Mar 14 18:34:28 jackjohnson sshd[2959]: Failed password for invalid user user from 218.1.65.233 port 44344 ssh2

jackjohnson.nethosting.com refused connections:

-- End of security output --
haha - 2025