Re: Possible virus via httpd server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Mike.

You might like to send this to sophos for analysis:

https://www.sophos.com/en-us/support/knowledgebase/11490.aspx

As index.html is the default page if nothing else is configured, has your httpd.conf file been modified to server this binary file
instead of index.html?

HTH,

Keith Roberts

On 4 Jan 2016, at 16:18, Michael D. Berger <m.d.berger@xxxxxxxx> wrote:

> Warning: This message contains unverified links which may not be safe.  You should only click links if you are sure they are from a trusted source.
> Examining with Lemmy (A Windows version of VI), it looks like a binary file.
> Size is 181.4 KB.
> I am considering my favorite virus remover: DBAN, but it would take several
> days work to
> recover from that.
> 
> Mike.
> --
> Michael D. Berger
> m.d.berger@xxxxxxxx
> http://www.rosemike.net/
> 
> 
>> -----Original Message-----
>> From: Daniel Beardsmore [mailto:daniel@xxxxxxxxxxxxxxxxxxx] 
>> Sent: Monday, January 04, 2016 05:03
>> To: users@xxxxxxxxxxxxxxxx
>> Subject: RE:  Possible virus via httpd server
>> 
>> Well, what do you see if you examine the file in a text editor?
>> 
>>> -----Original Message-----
>>> From: Michael D. Berger [mailto:m.d.berger@xxxxxxxx]
>>> Sent: 04 January 2016 05:03
>>> To: Apache-Users
>>> Subject:  Possible virus via httpd server
>>> 
>>> Using my WinXP Firefox client to access my previously working httpd 
>>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my 
>>> index.html .  Do you think I have a virus on my Linux box?  I did 
>>> notice that my iptables is not as tight as it should be.
>>> 
>>> --
>>> Michael D. Berger
>>> m.d.berger@xxxxxxxx
>>> http://www.rosemike.net/
>>> 
>>> 
>>> 
>>> 
>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>>> 
>>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux