Hi, I'm have a repo with many security tools.. if you can test... i'm upload a few packages from fedora, other sources, and created by me.. http://flexbox.sourceforge.net/centos/5/i386/flexbox-release-1-1.noarch.rpm Try to install sectool, and verify your system.. You can try to use fail2ban for list maillog, and blacklists ips... I'm using fail2ban+shorewall+ipset Fernando. On Thu, 24 Dec 2009 14:48:30 +0000 "Manu Verhaegen" <maverh at telenet.be> wrote: > Hi, > > i ame checking this > > thanks, > Manu > > > -----Oorspronkelijk bericht----- > Van: centos-bounces at centos.org [mailto:centos-bounces at centos.org] Namens Kai Schaetzl > Verzonden: donderdag 24 december 2009 15:32 > Aan: centos at centos.org > Onderwerp: Re: [CentOS] attack > > Obviously, if you are running several vhosts and plesk you likely have > other logs to check. Also, one can usually see the origin of the mail > injection in the maillog (e.g. complaints about setting to an unsafe > sender) or in the outgoing messages. At runtime you can see the connects > with full URLs on the apache status page. > > Kai > > -- > Kai Schätzl, Berlin, Germany > Get your web at Conactive Internet Services: http://www.conactive.com > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -- Fernando Hallberg <fernando at flexdigital.com.br> Flex Digital Soluções em Redes de Dados http://www.flexdigital.com.br