at the moment everiting is solved i have block the IP adress but i d'ont have found the script
----- Oorspronkelijk bericht ----- Van
: david@pnyet.web.id [mailto:david@pnyet.web.id]
Verzonden
: donderdag , december 24, 2009 01:07 PM
Aan
: 'CentOS mailing list'
Onderwerp
: Re: [CentOS] attack
Triying find to what are users running on spacific command, you should using top or ps or netstat please read the manual how to use it. After all and you get some info unpluge your server from internet, see what log says.
------Original Message------ From: Manu Verhaegen Sender: centos-bounces@centos.org To: centos@centos.org ReplyTo: CentOS mailing list Subject: [CentOS] attack Sent: Dec 24, 2009 6:31 PM
Hi,
My server is under attack allows the attacker to abuse of a php script of a vhost. How can I find what is the script.
Regards, maverh
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Warm regards, David
./nobody _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos