Linux Advocate wrote: > >>> --------------- >>> /etc/.pwd.lock /usr/share/man/man1/..1.gz /dev/.udev >>> --------------- >>> Please inspect: /usr/share/man/man1/..1.gz (gzip compressed data, from Unix, >>> >> max compression) /dev/.udev (directory) >> actually, I just checked on another system, those files appear to be normal google for horde exploits, and you will see there are some that look very much like those apache log entries you saw.