webmin security
attackers know that "admin" and "root" are default / popular webmin user accounts and may try to guess these passwordsso create a webmin user account with full rights and use webmin to delete all existing "admin" and "root" webmin user accounts
webmin attacks
check for attacks# grep unauthenticated /var/webmin/miniserv.log
sample buffer overflow attack
10.10.10.10 - - [28/Apr/2008:03:30:42 -0400] "POST /unauthenticated//..%01/..%01/ ...... /..%01/..%01/etc/shells HTTP/1.1" 404 32
REFERRERS
SystemSecurity
WebMin
