at the moment everiting is solved i have block the IP adress but i d'ont have found the script >----- Oorspronkelijk bericht ----- >Van : david at pnyet.web.id [mailto:david at pnyet.web.id] >Verzonden : donderdag , december 24, 2009 01:07 PM >Aan : 'CentOS mailing list' >Onderwerp : Re: [CentOS] attack > >Triying find to what are users running on spacific command, you should using top or ps or netstat please read the manual how to use it. After all and you get some info unpluge your server from internet, see what log says. > >------Original Message------ >From: Manu Verhaegen >Sender: centos-bounces at centos.org >To: centos at centos.org >ReplyTo: CentOS mailing list >Subject: [CentOS] attack >Sent: Dec 24, 2009 6:31 PM > >Hi, > >My server is under attack allows the attacker to abuse of a php script of a vhost. How can I find what is the script. > >Regards, > maverh > > > > > > >_______________________________________________ >CentOS mailing list >CentOS at centos.org >http://lists.centos.org/mailman/listinfo/centos > > >Warm regards, >David >--------------------- >./nobody >_______________________________________________ >CentOS mailing list >CentOS at centos.org >http://lists.centos.org/mailman/listinfo/centos > >