By Date:	<-- -->
By Thread:	<-- -->

Apache Security

From: Jason Bradley Nance <aitrus (at) tresgeek.net>
Date: Thu, 22 Jun 2006 12:05:45 -0500

My question is why is this happening? Obviously it's some apache exploit.

I wouldn't jump to the conclusion that it's an Apache exploit. It's more likely to be an issue with an insecure script assuming they are even coming in through the web server.

A few questions:

1) What makes you think this is an Apache issue?

2) What other services are running on the box?

3) How did you clean up after the first hack?

4) Are you sure that a user account hasn't been cracked?

5) Do you allow root logins via ssh?
_______________________________________________
CentOS mailing list
CentOS (at) centos.org
http://lists.centos.org/mailman/listinfo/centos

Follow-Ups:
- Apache Security
  - From: "Matthew T. O'Connor" <matthew (at) zeut.net>

References:
- Apache Security
  - From: "Matthew T. O'Connor" <matthew (at) zeut.net>

Prev by Date: Apache Security
Next by Date: Apache Security
Previous by thread: Apache Security
Next by thread: Apache Security
Index(es):
- Main
- Thread