Date: Mon, 27 Jun 2005 07:37:09 -0700 (PDT) From: dR <dystopianrebel@yahoo.com> To: freebsd-amd64@freebsd.org, freebsd-amd64@molecon.ru Subject: Re: freebsd-amd64 Digest, Vol 108, Issue 1 Message-ID: <20050627143709.49019.qmail@web52306.mail.yahoo.com> In-Reply-To: <20050627120006.5A15116A429@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Oleg, stop your Web server, check with the owner of your PHP bulletin-board source for a security update, and apply the patches immediately. Make sure that you use a robots.txt file to protect your site from Google and Yahoo indexing. The script kiddies are using search engines to find vulnerable PHP bulletin-board installations. As for identifying the culprit, I wish you success but I don't know if you will have any. Marko - - - Date: Mon, 27 Jun 2005 14:10:14 +0400 From: Oleg Rusanov <freebsd-amd64@molecon.ru> Subject: "sh -i" My server was hacked. How can i found hole on my server? To: freebsd-amd64 <freebsd-amd64@freebsd.org> Message-ID: <1525910592.20050627141014@molecon.ru> Content-Type: text/plain; charset=us-ascii Hello. My server was hacked. The CPU has been loaded on 99 % by "sh -i" process. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050627143709.49019.qmail>