[CentOS] attack

Thu Dec 24 14:31:34 UTC 2009
Kai Schaetzl <maillists at conactive.com>

Obviously, if you are running several vhosts and plesk you likely have 
other logs to check. Also, one can usually see the origin of the mail 
injection in the maillog (e.g. complaints about setting to an unsafe 
sender) or in the outgoing messages. At runtime you can see the connects 
with full URLs on the apache status page.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com