Hi Syed, List...
First off, I'm getting the headers from my proxy log files (squid).
When I try to access http://www.esalton.com/ , I'm getting this:
[HTTP/1.1 *302 Moved Temporarily*\r\nDate: Fri, 27 Jan 2006 20:31:52
GMT\r\nServer: Apache/2.0.46 (Red Hat)\r\nSe
t-Cookie: JSESSIONID=448CA44547
Thanks for all the replies.
Strange thing about apache logs is that all requests done to AWSTATS cgi
returned only 404 ... funny...
About sanitizing my box, It will be most than difficult, almost
impossible... Checked already a lot of "infected" files, and I'm sure
there are a lot more.
He
Kk, here is what I've got so far:
My system seems to be infected by some kind of trojan/worm/virus called
Unix/Hacktop, wich does (for what I'm seeing) some kind of scanport via
ssh (22).
I found some related info saying that the intruder could be using a
security flaw from AWSTATS + Apache to
Hi everyone,
I'm using the Apache HTTPD 2.0.54 webserver + PHP 4.3.11 on a Linux box.
I'm having constant high loads in my httpd process, and I would like to
find out what's causing this high load. eg, if it's a page, wich one is
causing this high load.
Thanks in advance,
Anderson
-
