On 03/15/2013 11:16 AM, Georgios Petasis wrote:
I suspect that it is a joomla 1.5.26 exploit. I have found two php files in the tmp folder of one web site, and POSTs to them in the apache access log file. (I know this is an old version of joomla, and I have made the mistake to make the folders tmp, cache & log writtable by the apache in selinux...) Thus, I have shutdown the web server, and monitor the server for a few days, to see if these firewall complains persist.
The only way to be sure the machine is clean is to re-install Fedora (and re-format) from scratch and probably and older version like F17 as F18 is very new.
This will also reassure your ISP that the issue is being addressed. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
