[CentOS] Centos 5.3 -> Apache - Under Attack ? Oh hell....

Wed Jun 3 13:34:06 UTC 2009
Neil Aggarwal <neil at JAMMConsulting.com>

Maco:

> i am not worried abt reinstalling ( i loathe doing it ) but 
> my worry here ( as some of you have  accurately pointed out ) 
> is that the 'issue' will repeat again bcos i just downt know 
> what happened. I m just surprised that a centos box was compromised.

If you are only running software installed
from the repos, the best thing to do is to wipe
and reinstall the machine from scratch.
Make sure it has the latest versions of everything
you are using.

Like I said earlier, it is going to be very hard to
determine exactly how it was hacked.  Hopefully,
whatever the hacker used has been patched.

If it is a new exploit, any CentOS server is
vulnerable, not just yours.  I assume the hacker
would compromise more machines than just yours.
The hole will eventually be discovered and fixed.

As I said before, nothing is 100% secure.

	Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.