I just got the following mail from my server. I didn't install/update webmin manually, it's there as it has always been since I've set it up over a year ago. Is this just a normal regular automatic update mail, or should I be worried?
Sender: root@mydomain.com
Subject: Anacron job 'cron.daily' on mail.mydomain.com
Content:
/etc/cron.daily/0yum.cron:
Webmin install complete. You can now login to https://mail.mydomain.com:10000/
as root with your root password.
If you did not install Webmin or use it, I would be very concerned by this message.
Webmin provides a lot of access to change system settings, it is also known to have a large number of security flaws that could allow malicious users to break into your server.
If you are not actively using Webmin you should either remove it, stop it, or firewall it to make sure NO one can ever get to it with all but the 1st option you should also make sure you keep it up-to-date.
Here are just some of the issues with Webmin that they publish on there own site - http://www.webmin.com/security.html
