I appear to be attacking others

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

James Pifer wrote:
> 
> > Find one of the processes that's still alive and do "ls -l /proc/<pid>".
> > That will give you some info about it. The exe entry should be a link to
> > the executable itself.
> > 
> 
> ok, I found it. Now what? You said run strings? I get:
>  Multi-thread FTP scanner v0.2.5 by Inode <inode@xxxxxxxxxxxxxx>

That looks like the ftp scanner which can be found at
<http://wayreth.eu.org/> - somebody is probably using your box to find
insecure ftp servers for sharing files.

Can you do an "ls -lah /dev/shm/..\ /"?

Ralph
-- 
Ralph Angenendt......ra@xxxxxxxxxxxx | .."Text processing has made it possible
Bayerischer Rundfunk...80300 M?nchen | ....to right-justify any idea, even one
Programmbereich.Bayern 3, Jugend und | .which cannot be justified on any other
Multimedia.........Tl:089.5900.16023 | ..........grounds." -- J. Finnegan, USC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.centos.org/pipermail/centos/attachments/20060205/2507fb2b/attachment.bin
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux