The content of this page is collected from Linux Forum. All copyrights and other associated rights are reserved by the original authors of the articles.
Apache hijacked!? - Help needed Urgently !!! - output.txt (0/1)
Subject: Apache hijacked!? - Help needed Urgently !!! - output.txt (0/1)
Author: DC    Posted: 2006-01-31 09:43:19    Length: 1,086 byte(s)
We have been noticing some strange errors on two of our servers recently, such as failure to mount floppy disks and failure to eject the cdrom drive. At least these are the ones that caught our attention. Nobody has physical access to the server, and nobody that has root access has tried to do either of the above. Somewhere along the line I found modprobe in one of the error messages.

I made a wrapper for the modprobe command (in the attachment).

Randomly (maybe once every other day), I actually get email from this script (also in the attachment).

I am extremely concerned about this because it appears that modprobe is being run by the web server (as root, nonetheless).
I cannot think of anything that would rationalize apache running modprobe.

Any ideas on what may have caused this? (PS. The timing is not consistent, and I don't see anything in cron that would do this.)

And in a worst-case scenario: if this is a real break-in, what can I do to catch the user in the act?
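
The wrapper attachment is not reproduced on this page. As an added example that is not part of the original post, the following shows one way such a wrapper could record the process chain that invoked modprobe, by walking parent PIDs through `/proc/<pid>/status`. The PIDs, the `httpd` process name, `PROC_ROOT`, and the paths in the final comment are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not the poster's attachment): record who invoked modprobe.
# Sample data below is constructed; PROC_ROOT exists so the code can be
# pointed at that constructed tree instead of the live /proc.

# ancestry PID [PROC_ROOT]: print "pid:name:real_uid", one line per ancestor.
ancestry() {
    pid=$1
    root=${2:-/proc}
    depth=0
    # Stop at PID 0, at an unreadable entry, or after 32 hops (loop guard).
    while [ "$pid" -gt 0 ] 2>/dev/null && [ -r "$root/$pid/status" ] \
            && [ "$depth" -lt 32 ]; do
        name=$(awk '$1 == "Name:" { print $2; exit }' "$root/$pid/status")
        uid=$(awk '$1 == "Uid:" { print $2; exit }' "$root/$pid/status")
        ppid=$(awk '$1 == "PPid:" { print $2; exit }' "$root/$pid/status")
        printf '%s:%s:%s\n' "$pid" "$name" "$uid"
        pid=$ppid
        depth=$((depth + 1))
    done
}

# log_invocation LOGFILE PID [ARGS...]: append a timestamped record.
log_invocation() {
    logfile=$1
    start=$2
    shift 2
    {
        printf '%s modprobe args: %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$*"
        ancestry "$start" "${PROC_ROOT:-/proc}" | sed 's/^/  /'
    } >> "$logfile"
}

# make_sample_proc DIR: constructed /proc-like tree (init -> httpd -> modprobe).
make_sample_proc() {
    mkdir -p "$1/1" "$1/812" "$1/4021"
    printf 'Name:\tinit\nPPid:\t0\nUid:\t0\t0\t0\t0\n' > "$1/1/status"
    printf 'Name:\thttpd\nPPid:\t1\nUid:\t0\t0\t0\t0\n' > "$1/812/status"
    printf 'Name:\tmodprobe\nPPid:\t812\nUid:\t0\t0\t0\t0\n' > "$1/4021/status"
}

# In a real wrapper (hypothetical paths), the last two lines would be:
#   log_invocation /var/log/modprobe-callers.log "$$" "$@"
#   exec /sbin/modprobe.real "$@"
```

If a parent exits before the wrapper reads `/proc`, the chain shows the process the child was reparented to (usually init) rather than the original caller.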

Subject: Apache hijacked!? - Help needed Urgently !!! - output.txt (0/1)
Author: DC    Posted: 2006-01-31 09:54:40    Length: 146 byte(s)
Crap.. Sorry about this double post.
I got an error message about the attachment, and thought the post didn't go through.