It was not overwritten. If you looked on the server, it was just fine. But an executable was delivered instead. In any case, it is gone with the wind -- DBAN is now running on the server. Hopefully, the reinstallation will work better. Mike. -- Michael D. Berger m.d.ber...@ieee.org http://www.rosemike.net/
_____ From: Dino B. [mailto:mypascal2...@gmail.com] Sent: Monday, January 04, 2016 19:36 To: users@httpd.apache.org Subject: RE: [users@httpd] Possible virus via httpd server Hmmm, index. Html is just default page??? Strange that that it got overwritten by some executable -- Dino Buljubasic -- Dino Buljubasic Cell 604 441 3560 Please pardon my brevity - sent from my mobile device. Please excuse any typos. On Jan 4, 2016 12:38, "Michael D. Berger" <m.d.ber...@ieee.org> wrote: Following your suggestion, I made use of my daily backups to install the httpd.conf from two days ago, when all was well. The problem was the same. I tried sublitting a file to sophos, but I would have to join, and I am not ready for that. See also my next email. Still heading toward DBAN. Thanks, Mike. -- Michael D. Berger m.d.ber...@ieee.org http://www.rosemike.net/ > -----Original Message----- > From: Keith Roberts [mailto:keith.robe...@ecric.nhs.uk] > Sent: Monday, January 04, 2016 11:25 > To: users@httpd.apache.org > Subject: Re: [users@httpd] Possible virus via httpd server > > Hi Mike. > > You might like to send this to sophos for analysis: > > https://www.sophos.com/en-us/support/knowledgebase/11490.aspx > > As index.html is the default page if nothing else is > configured, has your httpd.conf file been modified to server > this binary file instead of index.html? > > HTH, > > Keith Roberts > > On 4 Jan 2016, at 16:18, Michael D. Berger > <m.d.ber...@ieee.org> wrote: > > > Warning: This message contains unverified links which may > not be safe. You should only click links if you are sure > they are from a trusted source. > > Examining with Lemmy (A Windows version of VI), it looks > like a binary file. > > Size is 181.4 KB. > > I am considering my favorite virus remover: DBAN, but it would take > > several days work to recover from that. > > > > Mike. > > -- > > Michael D. Berger > > m.d.ber...@ieee.org > > http://www.rosemike.net/ > > > > > >> -----Original Message----- > >> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk] > >> Sent: Monday, January 04, 2016 05:03 > >> To: users@httpd.apache.org > >> Subject: RE: [users@httpd] Possible virus via httpd server > >> > >> Well, what do you see if you examine the file in a text editor? > >> > >>> -----Original Message----- > >>> From: Michael D. Berger [mailto:m.d.ber...@ieee.org] > >>> Sent: 04 January 2016 05:03 > >>> To: Apache-Users > >>> Subject: [users@httpd] Possible virus via httpd server > >>> > >>> Using my WinXP Firefox client to access my previously > working httpd > >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my > >>> index.html . Do you think I have a virus on my Linux box? I did > >>> notice that my iptables is not as tight as it should be. > >>> > >>> -- > >>> Michael D. Berger > >>> m.d.ber...@ieee.org > >>> http://www.rosemike.net/ > >>> > >>> > >>> > >>> > >> > --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > >>> For additional commands, e-mail: users-h...@httpd.apache.org > >>> > >>> > >> > --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > >> For additional commands, e-mail: users-h...@httpd.apache.org > >> > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
