We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Search found 12 matches
- Fri Oct 19, 2018 4:48 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
Falzo , stop the insults. We have all said in this thread. More information you can find here https://www.welivesecurity.com/2018/10/18/new-linux-chachaddos-malware-distributed-servers-vestacp-installed/ In the next time I'll give you a warning. Excuse me, I don't think there were any insults from ...
- Wed Oct 17, 2018 7:14 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
The Vesta service was running and I had SSH access enabled just for the admin user. I set the password with the installation command. thanks for the info, that's interesting... I tried to investigate some more and checked some servers I installed in august and came across this entries in auth.log a...
- Mon Oct 08, 2018 7:20 pm
- Forum: General Discussion
- Topic: Security discussion
- Replies: 26
- Views: 21892
Re: Security discussion
I see we have 4 options: a) Rely on the community to find the exploited vulnerability and then fork VestaCP into something else. b) Make a fund to offer a prize for whoever finds the hole, and then fork VestaCP. c) Forget about VestaCP d) Rely on the core dev team. Meaning no ETA no info until they ...
- Wed Sep 26, 2018 2:22 am
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
He obviously entered via SSH because he deleted /var/log/secure and auth.log . But mistery is HOW he got SSH. No, not that obvious to me, dpeca. There are things called "callback" that connect from the inside to the outside giving a shell. So, if people having SSH off got hacked I would look for so...
- Tue Sep 25, 2018 10:34 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
Hello,
Everyone running SSH on port 22? Did anyone here get hacked while having SSH firewalled by IP or running on a non-standard port?
Thank you
Everyone running SSH on port 22? Did anyone here get hacked while having SSH firewalled by IP or running on a non-standard port?
Thank you
- Tue Sep 25, 2018 6:06 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
My dev server got compromise as the password for admin user got changed, lucky I had the shell for admin user set to rssh so that attempt to run the payload in /var/tmp got blocked. Heres the attempted command run via ssh from ip:45.76.146.8 command: echo "9WlgVjGkot" | sudo -S -p "" chmod 0777 /va...
- Tue Sep 25, 2018 12:46 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
- Tue Sep 25, 2018 12:36 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
Don't worry pal. VestaCP developers will take care of it, give them a month.
- Tue Sep 25, 2018 12:10 pm
- Forum: General Discussion
- Topic: All VestaCP installations being attacked
- Replies: 230
- Views: 712449
Re: All VestaCP installations being attacked
Hello
Same here. I got 10 servers hacked.
All servers were attacking 144.0.2.180 (China). Last time VestaCP was hit by a zero day it was also discovered thanks to that attack. Too similar.
I'm done with VestaCP. Can't trust it anymore.
Good luck guys
Same here. I got 10 servers hacked.
All servers were attacking 144.0.2.180 (China). Last time VestaCP was hit by a zero day it was also discovered thanks to that attack. Too similar.
I'm done with VestaCP. Can't trust it anymore.
Good luck guys
- Sun Apr 08, 2018 9:55 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 697261
Re: Got 10 VestaCP servers exploited
Problem to many of us is that we have dynamic IPs from our ISPs and it can make accessing the vesta difficult since one ip is changed there iptables will have to be updated via ssh. And I have clients that want to be able to access the admin panel to add new webistes Completely understandable, This...