On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said: > On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote: > > The problem is that a user on this box appears to be launching high > > traffic DOS attacks from it towards other sites. > > It's possible the user inadvertently enabled the same exploit after you > rebuilt the system. I suggest caution with assigning culpability.
Or the gold image used to rebuild was itself vulnerable. It happens a lot more often than you think. I'd suggest *lots* of caution with assigning culpability. ;)
pgpVGfUj2ugo0.pgp
Description: PGP signature
