On 1/28/06, James R. Hay <jrhay@xxxxxxxxxx> wrote: > The entries below were found in the Apache error log while investigating on > apparent exploit. Thus far I have not found any corresponding access log entry > and I am wondering if this is an indication that the intruder gained a shell? Close enough. It is the stderr from a broken script someplace, most likely indicating that you have a compromised php script on your system. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|