[SOLVED] Hacked, Please Help! - Zimbra :: Forums

Zimbra offers Open Source email server software and shared calendar for Linux and the Mac

		Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
[SOLVED] Hacked, Please Help!

Welcome to the Zimbra :: Forums!

Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Search this Thread

#1 (permalink)

05-25-2011, 01:24 AM

Koffie is offline

Active Member

Posts: 29

Default

[SOLVED] Hacked, Please Help!

Hi Guys,

We are currently in dire need of assistance. We have had 10 compromised accounts in the last 5 days, 5 of which were compromised last night.

Can someone please let me know on which log I can see the authentication for the web interface. Also any ideas are GLADLY welcomed!

Last edited by Koffie; 05-25-2011 at 01:38 AM..

Reply With Quote

#2 (permalink)

05-25-2011, 02:05 AM

Koffie is offline

Active Member

Posts: 29

Default

Nevermind, found it.

Being hacked by Nigerians.

Just a note, they are connecting through zclient.

Reply With Quote

#3 (permalink)

05-25-2011, 02:54 AM

Klug is offline

Moderator

Posts: 2,207

Default

How did they achieve to compromise the accounts?

Brute force on passwords?

Reply With Quote

#4 (permalink)

05-25-2011, 03:00 AM

Koffie is offline

Active Member

Posts: 29

Default

Yup, we are currently implementing a new password formula.

Reply With Quote

#5 (permalink)

06-09-2011, 11:45 PM

civilwar is offline

Junior Member

Posts: 8

Default

How and where to see the log file for web client accessing?

Reply With Quote

#6 (permalink)

06-10-2011, 12:24 AM

Koffie is offline

Active Member

Posts: 29

Default

The audit log, to reach it log in as user zimbra and it is located under /opt/zimbra/log/

Reply With Quote

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked	pcfung	Administrators	1	12-07-2010 10:31 AM
Zimbra got hacked?	cocas	Administrators	4	11-23-2010 01:08 PM
Zimbra server got hacked, security?	violentpurr	Administrators	5	03-28-2008 12:04 AM
server possibly hacked - help getting Zimbra running	r_bin!	Administrators	12	11-05-2007 01:48 PM
Security and hacking	Dirk	Administrators	8	08-08-2006 08:39 AM

Downloads

Open Source Edition

Zimbra Desktop

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com

The best Java IDE

SEO by vBSEO ©2011, Crawlability, Inc.