On 30/11/2007, Alfredo Perez <[EMAIL PROTECTED]> wrote:
> Furthermore, this question is for the list
>
> I have a Centos 5 server running sshd
> for me to signon and check my emails.
>
> I use denyhosts to protect port 22.
>
> Is there anyother software you people use
> to protect your servers.
Th
On 30/11/2007, Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894
<[EMAIL PROTECTED]> wrote:
> By any chances, have you ran 'ps ax' from root and looked
> to see what does not look like it should be there??
>
> IF you are willing, paste your 'ps' output for us to
> help you find the program that is runni
On Fri, 2007-11-30 at 12:22 -0500, Alfredo Perez wrote:
> > >
> > > Hi Can you tell me which virus scan you are using?
> > >
> > > Thanks
> > >
> Can you share your findings with us?
Yes, however this thread will be dead from my end for the next 2 weeks due to
travel.
I am taking some files
k.
> >
> > Evans F. Mitchell KD4EFM/AFA2TH/WQFK-894
> >
> >
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
> > Of Alfredo Perez
> > Sent: Friday, November 30, 2007 7:40 AM
&g
er
> IF your not needing it.
>
> Good Luck.
>
> Evans F. Mitchell KD4EFM/AFA2TH/WQFK-894
>
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
> Of Alfredo Perez
> Sent: Friday, November 30, 2007 7:40 AM
> To: CentOS mail
eding it.
Good Luck.
Evans F. Mitchell KD4EFM/AFA2TH/WQFK-894
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Alfredo Perez
Sent: Friday, November 30, 2007 7:40 AM
To: CentOS mailing list
Subject: Re: [CentOS] CleanLog.h
On Thu, Nov 29, 2007 at 04:43:
On Fri, 2007-11-30 at 07:40 -0500, Alfredo Perez wrote:
> On Thu, Nov 29, 2007 at 04:43:44PM -0600, B.J. McClure wrote:
> > Sad to say one of my file servers was exploited and used to run a
> > Phishing scam. Have identified subject virus amongst other things. It
> > appears twice in a virus sca
On Thu, Nov 29, 2007 at 04:43:44PM -0600, B.J. McClure wrote:
> Sad to say one of my file servers was exploited and used to run a
> Phishing scam. Have identified subject virus amongst other things. It
> appears twice in a virus scan; /sbin/z (which I assume can just be
> deleted) and /sys/bus/se
On Fri, 2007-11-30 at 12:26 +1100, Amos Shapira wrote:
> On 30/11/2007, Ross S. W. Walker <[EMAIL PROTECTED]> wrote:
>
> Find out how they got in and make sure that hole is fixed.
>
> Do an rpm verify on all installed packages (excluding
> configs), reinstall th
On 30/11/2007, Ross S. W. Walker <[EMAIL PROTECTED]> wrote:
> Find out how they got in and make sure that hole is fixed.
>
> Do an rpm verify on all installed packages (excluding configs), reinstall
> the rpms that fail the verify.
>
> Find all binaries that are not accountable in rpm and nuke the
To: CentOS mailing list
Sent: Thu Nov 29 17:43:44 2007
Subject: [CentOS] CleanLog.h
Sad to say one of my file servers was exploited and used to run a Phishing
scam. Have identified subject virus amongst other things. It appears twice in
a virus scan; /sbin/z (which I assume can just be deleted
On Thu, 29 Nov 2007 16:43:44 -0600
"B.J. McClure" <[EMAIL PROTECTED]> wrote:
> Sad to say one of my file servers was exploited and used to run a
> Phishing scam.
One of the problems with being r00ted is that you can never be sure that you
have found all of the stuff that the bad guy left behind
On 30/11/2007, B.J. McClure <[EMAIL PROTECTED]> wrote:
>
> Sad to say one of my file servers was exploited and used to run a
> Phishing scam. Have identified subject virus amongst other things. It
> appears twice in a virus scan; /sbin/z (which I assume can just be deleted)
> and /sys/bus/serio/
Sad to say one of my file servers was exploited and used to run a
Phishing scam. Have identified subject virus amongst other things. It
appears twice in a virus scan; /sbin/z (which I assume can just be
deleted) and /sys/bus/serio/drivers/atkbd/description. The latter file
is also present in ide
14 matches
Mail list logo
