On Wednesday 03 June 2009 06:09:37 John R. Dennison wrote: > He's running an apache instance on cent5. He has processes he > can not readily identify running under apache named "atack"; > where does "windows" come into the equation? Several of the links returned by google have the following info: IIS WebDAV Exploit, I think one of the agobot worms tries to use it to get into Windows boxes. Anne -- New to KDE4? - get help from http://userbase.kde.org Just found a cool new feature? Add it to UserBase -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20090603/ab720b6a/attachment-0005.sig>