hi! Karl Balsmeier wrote: > Hi, > > I have servers of mixed OS, some Centos, some Fedora, and after the > flame war that erupted last week (where I said basically nothing and > just watched), my server was hacked by this team of hackers, actually > their friend: the issue with cPanel + CentOS has been security related, always. They ( cPanel ) are very lethargic about doing security updates, and are quite willing to continue to push known bad packages. Also, they seem to have decided ( for no real reason, that i can see ) to use their own packages for the core operational packages on web servers ( stuff like php, mysql, apache etc ) - none of these apps are then being either audited / monitored / patched / updated like the other packages in the CentOS distribution are. Some very good points have been made by the others here w.r.t security and checklists etc. It would be nice to see someone from cPanel ( we know there are some on this list! ) address some of these issues... -- Karanbir Singh : http://www.karan.org/ : 2522219 at icq