[CentOS] Centos 5.3 -> Apache - Under Attack ? Oh hell....

Wed Jun 3 05:30:10 UTC 2009
Neil Aggarwal <neil at JAMMConsulting.com>

Bruce:

> my only point, was that reinstalling wotjout understanding 
> what was/is going
> on is a draconian step.. does it resolve the issue.. sire.. 
> does it get to
> what might have been the cause.. not in my opinion...

This point seems valid.  

If you do not understand why and how the machine was
compromised, there is no way to be sure a reinstall
will plug the security hole.

The reality of the matter is that it is extremely
unlikely that he could figure out precisely how
the machine was compromised.  There is just not going
to be a smoking gun that says the hacker did A, B,
and C and got in.

It would be prudent to review his web code to see
if he did something in an insecure way.  If his code
is open to attack, it will be so even if he puts it
on a new machine.

	Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.