On 03/15/2013 11:16 AM, Georgios Petasis wrote:
I suspect that it is a joomla 1.5.26 exploit. I have found two php files
in the tmp folder of one web site,
and POSTs to them in the apache access log file.
(I know this is an old version of joomla, and I have made the mistake to
make the folders tmp, cache & log writtable by the apache in selinux...)
Thus, I have shutdown the web server, and monitor the server for a few
days, to see if these firewall complains persist.
The only way to be sure the machine is clean is to re-install Fedora
(and re-format) from scratch and probably and older version like F17 as
F18 is very new.
This will also reassure your ISP that the issue is being addressed.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
