Results 1 to 7 of 7

Thread: MySQL Databases Hacked???

  1. #1
    rome9t9's Avatar
    rome9t9 is offline No Longer Loves SEO
    Join Date
    Mar 2009
    Location
    If I tell you, I would have to kill you.
    Posts
    614
    Blog Entries
    4
    Thanks
    168
    Thanked 105 Times in 77 Posts

    MySQL Databases Hacked???

    Ok, first off, I don't know anything about databases and site management. I was in my cpanel and wanted to remove few databases that didnt get deleted while uninstalling wordpress.

    I looked in to the "Remote Database Access Hosts" and found two Access Hosts. I have never given access to anyone to my databases. I have attached the screenshot below.

    Though I've removed both of them I want to know is there anything I should be worried about??? I rarely log into my cpanel and there's nothing much I do there. However, I do remember, few months back, asking my host to move me to another server as the one I was using was slow.

    Also, few days ago my host moved all the sites from their server to cloud computing or something like that. Thats all I know that happened since the time I started hosting with them. Does moving sites involve creation of Access Hosts?

    I opened a support ticket with my host and they couldn't figure out how the Access Hosts came and asked me to delete them.

    I host 5 sites with them and havent seen anything fishy in any of them. But I don't know how to check the databases for any tampering.
    Attached Images Attached Images

  2. #2
    eXe
    eXe is offline Newbie Net Builder
    Join Date
    Dec 2008
    Posts
    71
    Thanks
    17
    Thanked 19 Times in 7 Posts
    192.168.1.* is usually the router or switch's IP and I'm guessing rahul is your username?
    500 permanent & relevant social bookmarking links for $75. 1000 article submission for $86

    RepBully.com

  3. #3
    SonnyCooL's Avatar
    SonnyCooL is offline HeeHa
    Join Date
    Jan 2010
    Location
    Melb/Malaysia
    Posts
    920
    Thanks
    250
    Thanked 92 Times in 78 Posts
    yah u have no worry on 192.168.1.* ip, like what exe said, should be ur own connection

  4. #4
    rome9t9's Avatar
    rome9t9 is offline No Longer Loves SEO
    Join Date
    Mar 2009
    Location
    If I tell you, I would have to kill you.
    Posts
    614
    Blog Entries
    4
    Thanks
    168
    Thanked 105 Times in 77 Posts
    No.. Rahul is not my username or name.. This was the first time I ever checked my Access Hosts.

    Can I find any history logs of what changes 'rahul' did???

  5. #5
    SonnyCooL's Avatar
    SonnyCooL is offline HeeHa
    Join Date
    Jan 2010
    Location
    Melb/Malaysia
    Posts
    920
    Thanks
    250
    Thanked 92 Times in 78 Posts
    ask ur host provider ... they should have clearer picture

  6. #6
    eXe
    eXe is offline Newbie Net Builder
    Join Date
    Dec 2008
    Posts
    71
    Thanks
    17
    Thanked 19 Times in 7 Posts
    Who/how was the DB set up? If it was moved there is a chance that whoever did the moving created a new dbuser called rahul. Look in your wordpress config file, what's the user/pass used to connect to the db?

    You should really take this over to the cpanel forums for a detailed examination. Or PM me details I'll look at it for free.

    I doubt that you've been hacked but I'm interested nevertheless, there is of course the possibility. Do update...

    As for logs you can get them thru cpanel>> logs>> raw. But I doubt you would find anything useful there if you have indeed been hacked without being specifically targeted.

    Edit: While on the subject, check out http://www.zenssh.com/
    500 permanent & relevant social bookmarking links for $75. 1000 article submission for $86

    RepBully.com

  7. #7
    rome9t9's Avatar
    rome9t9 is offline No Longer Loves SEO
    Join Date
    Mar 2009
    Location
    If I tell you, I would have to kill you.
    Posts
    614
    Blog Entries
    4
    Thanks
    168
    Thanked 105 Times in 77 Posts
    I asked my host..they said it might have been created when my host moved me to another server and forgot to delete the access host..it was many months back so the recent logs dont show any data... I asked in the cpanel forum and people there said the same..

Similar Threads

  1. V7N Hacked!
    By WebEvader in forum Forum Life
    Replies: 12
    Last Post: 29 September, 2010, 09:17 AM
  2. Hacked
    By Sbfc_ in forum Community Building
    Replies: 24
    Last Post: 26 March, 2010, 12:48 PM
  3. Replies: 4
    Last Post: 23 January, 2010, 09:52 AM
  4. Replies: 0
    Last Post: 23 December, 2009, 02:34 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •