Isalathiso senqaku
VestaCPIphaneli yokulawula ifumana ubunzima beentsuku ezi-0:
- Iingxelo zangoku zibonakalisa ubuthathaka kwi-VESTA API evumela ukuba ikhowudi iqhutywe njenge-ROOT.
- I-wave yokuqala kuthiwa yenzeke ngo-Aprili 2018, 4.
- Iseva eyosulelekileyo ifunyenwe, isebenza nge-2018 ka-Epreli 4
/usr/lib/libudev.soQala i-DDoS ye-remote host.
Ngokusekwe kuqwalaselo ukuza kuthi ga ngoku, xa umncedisi esulelekile, isetyenziselwa ukuthumela uhlaselo lweDDoS.
Ukubona ubuthathaka
Njani ukubona ukuba wosulelwe VestaCP 0-day Trojan?
- Landela la manyathelo angezantsi ukuze ubone ukuba umncedisi wakho wosulelekile?
inyathelo 1:Nceda ungene kwiseva yakho njengengcambu.
inyathelo 2:In /etc/cron.hourly Khangela ifayile enegama elithi "gcc.sh" kwisiqulathi seefayili ▼
cd /etc/cron.hourly ls -al
- Ukuba ifayile ikhona, umncedisi wakho wosulelekile.
- Ukuba usulelekile, gcina iifayile zakho kunye nogcino lwedatha ngoko nangoko, buyisela eyakhoLinuxumncedisi.
- Guqula igama eligqithisiweyo lesiseko sedata kunye nephasiwedi ye-ROOT yomncedisi.
Hlaziya / Phucula iMiyalelo yePhaneli yeVestaCP
- Ukuba akukho fayile ye "gcc.sh", ithetha ukuba ayisulelwanga yiTrojan.
- Ukuba awusuleleki, nceda uphucule (ulungise) ubuthathaka bephaneli yeVestaCP ngokukhawuleza.
Isiqendu 1:Sebenzisa lo myalelo ulandelayo ukuze ubone ukuba yeyiphi inombolo yoguqulelo lweqela leVestaCP ▼
v-list-sys-vesta-updates
Isiqendu 2:Sebenzisa lo myalelo ulandelayo ukuhlaziya iphaneli yeVestaCP▼
v-update-sys-vesta-all
Isiqendu 3:Qala kwakhona iVestaCP ▼
service vesta restart
Isiqendu 4:Qala kwakhona umncedisi ▼
reboot
Nazi ezinye izifundo kwiiphaneli zeVestaCP ▼
Ndiyathemba Chen Weiliang Blog ( https://www.chenweiliang.com/ ) kwabelwane "Indlela yokubona ukuba sesichengeni kweVestaCP 0-day?Lungisa/uPhucule kunye noHlaziyo lweMiyalelo" ukukunceda.
Wamkelekile ukwabelana ngekhonkco leli nqaku:https://www.chenweiliang.com/cwl-742.html