thanks for the help, found the files in /var/tmp... thanks again
Eben
Dan Mahoney, System Admin wrote:
On Mon, 6 Jun 2005, Eben Goodman wrote:
find / -user apache -print
-Dan
I actually know which user it got through on, it came in through an
insecure php nuke application. I have since
it's way on?
thanks,
Eben
Dan Mahoney, System Admin wrote:
On Mon, 6 Jun 2005, Eben Goodman wrote:
If you're doing multi-hosting, look into suexec. the fact that it
runs CGI's as the user is kinda secondary to the fact that it shows
you WHICH user uploaded the insecure sc
I recently had an irc exploit on my server running this eggdrop relay
thing via apache. I was able to find the offending files and remove
them and the eggdrop processes went away for awhile, but now they are
back and try as I might I can't find any files that correspond to this
software. When
