at the moment everiting is solved i have block the IP adress but i d'ont have found the script
>----- Oorspronkelijk bericht -----
>Van
: david@xxxxxxxxxxxx [mailto:david@xxxxxxxxxxxx]
>Verzonden
: donderdag
, december
24, 2009 01:07 PM
>Aan
: 'CentOS mailing list'
>Onderwerp
: Re: attack
>
>Triying find to what are users running on spacific command, you should using top or ps or netstat please read the manual how to use it. After all and you get some info unpluge your server from internet, see what log says.
>
>------Original Message------
>From: Manu Verhaegen
>Sender: centos-bounces@xxxxxxxxxx
>To: centos@xxxxxxxxxx
>ReplyTo: CentOS mailing list
>Subject: attack
>Sent: Dec 24, 2009 6:31 PM
>
>Hi,
>
>My server is under attack allows the attacker to abuse of a php script of a vhost. How can I find what is the script.
>
>Regards,
> maverh
>
>
>
>
>
>
>_______________________________________________
>CentOS mailing list
>CentOS@xxxxxxxxxx
>http://lists.centos.org/mailman/listinfo/centos
>
>
>Warm regards,
>David
>---------------------
>./nobody
>_______________________________________________
>CentOS mailing list
>CentOS@xxxxxxxxxx
>http://lists.centos.org/mailman/listinfo/centos
>
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
