RE: Possible virus via httpd server

If the file begins "MZ" (the MS-DOS stub found at the start of Windows executables) then it's very likely to be a Windows program intended for execution, which would be bad news.

It's interesting that you say "index.html" -- does this server serve all static pages, or does index.html reference a CMS that could have vulnerabilities?

> -----Original Message-----
> From: Michael D. Berger [mailto:m.d.berger@xxxxxxxx] 
> Sent: 04 January 2016 16:18
> To: users@xxxxxxxxxxxxxxxx
> Subject: RE:  Possible virus via httpd server
> 
> Examining with Lemmy (A Windows version of VI), it looks like a binary file.
> Size is 181.4 KB.
> I am considering my favorite virus remover: DBAN, but it would take several
> days' work to recover from that.
> 
> Mike.
> --
> Michael D. Berger
> m.d.berger@xxxxxxxx
> http://www.rosemike.net/
>   
> 
> > -----Original Message-----
> > From: Daniel Beardsmore [mailto:daniel@xxxxxxxxxxxxxxxxxxx] 
> > Sent: Monday, January 04, 2016 05:03
> > To: users@xxxxxxxxxxxxxxxx
> > Subject: RE:  Possible virus via httpd server
> > 
> > Well, what do you see if you examine the file in a text editor?
> > 
> > > -----Original Message-----
> > > From: Michael D. Berger [mailto:m.d.berger@xxxxxxxx]
> > > Sent: 04 January 2016 05:03
> > > To: Apache-Users
> > > Subject:  Possible virus via httpd server
> > > 
> > > Using my WinXP Firefox client to access my previously working httpd
> > > 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my
> > > index.html .  Do you think I have a virus on my Linux box?  I did
> > > notice that my iptables is not as tight as it should be.
> > > 
> > > --
> > > Michael D. Berger
> > > m.d.berger@xxxxxxxx
> > > http://www.rosemike.net/
> > >  
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
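
Added example (not part of the original thread): a Python sketch of the check described in the reply at the top, reading the leading bytes of the downloaded file. It goes beyond the "MZ" test by following the DOS header's offset field to the "PE" signature and by recognising a few other common signatures; the function name and the sample bytes are constructed for illustration.

```python
import struct
import sys


def classify_download(data: bytes) -> str:
    """Classify a file by its leading bytes (hypothetical helper)."""
    if data[:2] == b"MZ":
        # A DOS header is 0x40 bytes; the little-endian uint32 at 0x3C
        # (e_lfanew) gives the offset of the "PE\0\0" signature.
        if len(data) >= 0x40:
            (pe_off,) = struct.unpack_from("<I", data, 0x3C)
            if data[pe_off:pe_off + 4] == b"PE\0\0":
                return "windows-pe"
        return "dos-mz"  # MZ stub without a valid PE signature
    if data[:4] == b"\x7fELF":
        return "elf"  # native Linux binary
    if data[:2] == b"\x1f\x8b":
        return "gzip"  # compressed content
    head = data[:512].lstrip().lower()
    if head.startswith((b"<!doctype", b"<html")):
        return "html"  # what index.html would normally look like
    return "unknown"


# Constructed sample inputs (not taken from the file in the thread).
SAMPLE_PE = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\0\0"
SAMPLE_MZ_ONLY = b"MZ" + bytes(62)
SAMPLE_HTML = b"\n<!DOCTYPE html><html><body>It works!</body></html>"

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Only the first 4 KiB is read; the file is never executed.
        with open(sys.argv[1], "rb") as fh:
            print(classify_download(fh.read(4096)))
    else:
        for name, blob in [("pe", SAMPLE_PE), ("mz", SAMPLE_MZ_ONLY),
                           ("html", SAMPLE_HTML)]:
            print(name, "->", classify_download(blob))
```
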




