Nejc Novak wrote:
So, for now I killed this process, disabled the cronjob and killed the web server - there is no way the attacker is capable of coming back into the server, or is there a chance that there is another backdoor installed somewhere (chkrootkit doesn't find anything).

Try also rkhunter
http://www.rootkit.nl/

Probably this will be a Debian package soon (?)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=243938

Ciao
Davide

--
Linux User: 302090: http://counter.li.org