Control Web Panel
WebPanel => CentOS-WebPanel Bugs => Topic started by: monuchoudhary on June 01, 2021, 12:39:51 PM
-
Hey CWP Team,
I am using latest version of CWP 0.9.8.1065 . Yesterday i received a mail from Linode VPS Provider info about FACEFISH ATTACK and set network restriction on my server is this any fix for this attack
https://blog.netlab.360.com/ssh_stealer_facefish_en/ check this about server attack info how it works. and provide new update for remove this virus from server.
Thanks.
-
if you have automatic updates (enabled by default) then you are secure from those kinds of attacks as cwp updates automatically fix all issues.
-
hey,
thanks for info . Updates for CWP enable by default then why Linode set network restriction for server.
-
Add this to the csf.deny files and restart csf
tcp/udp|in/out|s/d=0_64000|s/d=176.111.174.26 # do not delete facefish control center ip
This will prevent any communications to the facefish control center and thus reduce the chances of damage.
-
This is quite concerning. Do we know what version of CWP are affected and how to properly prevent the attacks? CWP Team, can you please let us know the proper mitigation for this attack or what versions it has been resolved in?