at the moment everiting is solved i have block the IP adress but i d'ont have found the script
>----- Oorspronkelijk bericht ----- >Van : da...@pnyet.web.id [mailto:da...@pnyet.web.id] >Verzonden : donderdag , december 24, 2009 01:07 PM >Aan : 'CentOS mailing list' >Onderwerp : Re: [CentOS] attack > >Triying find to what are users running on spacific command, you should using >top or ps or netstat please read the manual how to use it. After all and you >get some info unpluge your server from internet, see what log says. > >------Original Message------ >From: Manu Verhaegen >Sender: centos-boun...@centos.org >To: centos@centos.org >ReplyTo: CentOS mailing list >Subject: [CentOS] attack >Sent: Dec 24, 2009 6:31 PM > >Hi, > >My server is under attack allows the attacker to abuse of a php script of a >vhost. How can I find what is the script. > >Regards, > maverh > > > > > > >_______________________________________________ >CentOS mailing list >CentOS@centos.org >http://lists.centos.org/mailman/listinfo/centos > > >Warm regards, >David >--------------------- >./nobody >_______________________________________________ >CentOS mailing list >CentOS@centos.org >http://lists.centos.org/mailman/listinfo/centos > > _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
