Following your suggestion, I made use of my daily backups to install the httpd.conf from two days ago, when all was well. The problem was the same. I tried sublitting a file to sophos, but I would have to join, and I am not ready for that. See also my next email. Still heading toward DBAN. Thanks, Mike. -- Michael D. Berger m.d.berger@xxxxxxxx http://www.rosemike.net/ > -----Original Message----- > From: Keith Roberts [mailto:keith.roberts@xxxxxxxxxxxx] > Sent: Monday, January 04, 2016 11:25 > To: users@xxxxxxxxxxxxxxxx > Subject: Re: Possible virus via httpd server > > Hi Mike. > > You might like to send this to sophos for analysis: > > https://www.sophos.com/en-us/support/knowledgebase/11490.aspx > > As index.html is the default page if nothing else is > configured, has your httpd.conf file been modified to server > this binary file instead of index.html? > > HTH, > > Keith Roberts > > On 4 Jan 2016, at 16:18, Michael D. Berger > <m.d.berger@xxxxxxxx> wrote: > > > Warning: This message contains unverified links which may > not be safe. You should only click links if you are sure > they are from a trusted source. > > Examining with Lemmy (A Windows version of VI), it looks > like a binary file. > > Size is 181.4 KB. > > I am considering my favorite virus remover: DBAN, but it would take > > several days work to recover from that. > > > > Mike. > > -- > > Michael D. Berger > > m.d.berger@xxxxxxxx > > http://www.rosemike.net/ > > > > > >> -----Original Message----- > >> From: Daniel Beardsmore [mailto:daniel@xxxxxxxxxxxxxxxxxxx] > >> Sent: Monday, January 04, 2016 05:03 > >> To: users@xxxxxxxxxxxxxxxx > >> Subject: RE: Possible virus via httpd server > >> > >> Well, what do you see if you examine the file in a text editor? > >> > >>> -----Original Message----- > >>> From: Michael D. Berger [mailto:m.d.berger@xxxxxxxx] > >>> Sent: 04 January 2016 05:03 > >>> To: Apache-Users > >>> Subject: Possible virus via httpd server > >>> > >>> Using my WinXP Firefox client to access my previously > working httpd > >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my > >>> index.html . Do you think I have a virus on my Linux box? I did > >>> notice that my iptables is not as tight as it should be. > >>> > >>> -- > >>> Michael D. Berger > >>> m.d.berger@xxxxxxxx > >>> http://www.rosemike.net/ > >>> > >>> > >>> > >>> > >> > --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > >>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > >>> > >>> > >> > --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > >> > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|