Re: attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



> Hi,
> 
> i have Check my tmp directory and subdirectorys for std, 
> udp.pl no file exist.  Also i have check /etc/passwd and 
> /etc/shadow for unusual users.  
> 
> regards

Manu,

forgive me if i missed it when i deleted several of the posts in the thread
yet how hard is it to check all the pertinent logfiles?

unless this is a very sophisticated compromise that hides, moves, or deletes
things, or the management system is trash, the info you need is "typically"
in one or more of the various logfiles on the system

something as simple 

man less

less /var/log/httpd/access_log

less /var/log/httpd/error_log

replace appropriate logfile names as necessary...

in general, there are many you can look at to gain some wisdom...

 - rh

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux