They Came a Knockin and Webmin Let Them In

Today was a sad day. I found out my streaming mirror/microblog server had been cracked. They exploited webmin and set up shop. Alas, there is no one to blame but myself. This is how I believe it went down.

About a month ago I tried to ssh into the streaming server but could not get in. Since this is a co-lo vms I contacted support informing them of the problem and asking them to kick the server. I suspected it was from a sour upgrade. They replied back that they found a problem in the sshd_config file and that things were back to normal.

This server had been running some three or more years now; it was the same Debian install, just upgraded. The company, tektonic, had gone through some changes with their systems and I never kept up with their administrative interface changes as I always used ssh, not their tools. Thus, having found myself in this predicament a few times in the past, I figured I should find another way to remotely kick the system.

I looked around at their docs and tools but could not get access to my system.

rest here

re: Webmin

I'm curious why this guy thought he had to have Webmin installed to admin his server? What was oh so hard via the CLI that he needed that utility?

think of it this way

some people operate differently.

there are 'text' kinds of people, for whom working with console only is not really an issue.

Then there are visual people who it helps if they can "see" what they are doing.

Especially in terms of Webmin or similarly working app, I don't think it makes that much difference if they prefer GUI or text.

The ones that are really annoying are the ones who simply can't tolerate for anything but their own preferred method to exist. Or they insist only their preferred method is usable and everything else is junk.

There are reasons that installing a DE might not be a terrific idea, especially on a server, especially on a web facing server.

Webmin and other apps like it work differently than a DE though and the possible risk is what each individual has to determine if it's acceptable on their server and how to counter potential risks.

I don't see it as an either/or situation. More of if/then.

Education is the number one security and prevention tool there is.

I'm posting this for Dann, the author of the original blog post

Dann says,

Vonskippy, if you had read my entire post you would have learned that, this system being a co-lo vms and me having some issues with ssh, I wanted another way to gain access to the machine. I am fully aware that I could do everything and more through ssh, but when ssh does not work and the machine is on the other side of the country, one is pretty much stuck. While I think webmin is a fantastic tool when set up and secured properly, I tend to simply use ssh myself.

Just to clarify though, the fault was not webmin's; it was all mine. I should have been on top of things and updated, configured, and secured webmin properly or at the very least disabled it.

You can read Dann's follow-up to this blog post here


I know this comes off as nit-picking, but you keep asserting that you were 'clear' in stating that it wasn't Webmin's fault. Yet the title leaves the reader hanging at "...and Webmin let them in".

So, in mine and a lot of other people's eyes, it wasn't clear at all.

Thanks for clarifying on the new post though.

Jamie deserves a lot of credit for the great work that goes into Webmin.
