MRatWork Forum by Mustafa Ramadhan
Language Specific Discussions => Indonesia Users => Topic started by: bugis on 2014-01-29, 01:38:21
-
Halo master.....
Saya baca di beberapa forum sebelah : Kloxo exploit that allows an attacker to gain full root access
Sumber:
http://www.webhostingtalk.com/showthread.php?p=8996942
https://vpsboard.com/topic/3384-kloxo-installations-compromised/
apakah ini juga berdampak pada Kloxo-MR ?
Mohon penjelasannya...
Terima kasih
-
Sejauh exploit yang disebut, semua sudah di-fix di Kloxo-MR.
Salahsatu alasan lahirnya Kloxo-MR adalah adanya exploit di Kloxo 6.1.12 yang tidak di-fix sampai sekarang pun.
-
Yes, saya dapet email juga:
Greetings,
Since this morning, we have been combating multiple DDoS attacks across all of our locations. Upon further investigation, this is stemming from compromised VPS containers that utilize the Kloxo control panel software.
We have been made aware of an active zero day exploit in Kloxo with no workaround available. Essentially the exploit spawns a large number of httpd processes that allows the affected system to participate in a DDoS.
We kindly request your immediate attention into this matter, and ask that if you are running Kloxo that you disable it immediately.
Due to the fact that Kloxo developers are inactive and appears to be poorly written, along with the severity of this zero day exploit, we are prohibiting Kloxo to be ran on our VPS servers moving forward in order to protect our network and our users. We believe this is the best resolution, as Kloxo is not a secure software that should be used in any production environment. If your VPS is currently running Kloxo, please wipe your Kloxo install immediately. If you still require a control panel, below is a list of alternative free control panels that you can consider installing:
VestaCP
Webmin/Virtualmin
iMSCP
Ajenti
OpenPanel
ISPConfig
For more information regarding this Kloxo exploit please follow this discussion on WHT:
http://www.webhostingtalk.com/showthread.php?p=8996984
If you are not running Kloxo on your server, you may disregard this email. Your prompt attention and cooperation in this matter is appreciated.
-
Coba saja diakali agar port KLoxo-MR diubah dari 7777/7778 ke (misalnya) 8777/8778 (atau yang lain).
-
Siap, laksanakan 86!..
Setelah membalas ticket dari provider vps yang katanya akan prohibit any running Kloxo panel (saya tanya: bagaimana dengan Kloxo-MR?). Saya dapat jawaban:
Hi,
Yeah Kloxo-MR is fine.
Regards,
--
Ulrich Ackermann
WeLoveServers.net Technician
-
Siap, laksanakan 86!..
Setelah membalas ticket dari provider vps yang katanya akan prohibit any running Kloxo panel (saya tanya: bagaimana dengan Kloxo-MR?). Saya dapat jawaban:
Hi,
Yeah Kloxo-MR is fine.
Regards,
--
Ulrich Ackermann
WeLoveServers.net Technician
;D 8)
-
Kloxo-MR memang mantap :)
-
syukurlah.....
terima kasih penjelasannya.
bravo kloxoMR
-
wah om ebokalsel pake weloveservers juga yah...sesama pengguna nih..hehehe, alhamdulillah kloxo-mr aman....mantap