I firewall it off for all but the IP range used on a VPN. Not perfect but it helps mitigate this sort of stuff as the attacker would need to be connected to the VPN.

On 14 Apr 2014 21:17, "Keith Williams" <keithwilliamsnp@gmail.com> wrote:

Having received Andy's warning about webmin on one of my vps, I have closed down webmin on both. Having updated the SSL and libraries already, and then restarted all services as soon as I saw the initial announcement, I thought I was in the clear, but obviously not. So can someone suggest what I do about webmin? I am running latest webmin on Debian Wheezy

On 14 April 2014 20:34, Andy Smith <andy@bitfolk.com> wrote:
Hi Ian,

On Mon, Apr 14, 2014 at 09:36:27AM +0100, Ian wrote:
> Andy said:
>
> >> What about Webmin (10000) and Usermin(20000)?
> >
> > Thanks, I'll give them a try.
>
> Did you do a test between 2am and now?

Yes, at just after 3am. I found a few webmin and usermin. I haven't
notified the affected people yet, but hope to do so this evening.

Cheers,
Andy

--
http://bitfolk.com/ -- No-nonsense VPS hosting

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEAREDAAYFAlNMOC0ACgkQIJm2TL8VSQv3HACePydm11y5DABfiiFQeb83dV/b
Au0AnRBeHnp45xhVy4kQWsS3I1gzmPHP
=In2V
-----END PGP SIGNATURE-----

_______________________________________________
users mailing list
users@lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users

--
Keith Williams

Farang Can Learn Thai www.farangcanlearnthai.com

Keith's Place www.keiths-place.co.uk

Tailor Made English www.tmenglish.org

West Norfolk RSPCA www.westnorfolkrspca.org.uk

_______________________________________________
users mailing list
users@lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users