Security Problem

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,806
Location
A Coruña, Spain
Hi,

i got a problem (maybe a big problem) on my Debian 4.0

Im starting to found proxy and **** like this on my machine, prolly installed by perl from customer bugged site. (PHP-Nuke or similar).

I know how found that but i dont know how found in what directory are installed process running and how found in what crontab they are located... Ive look into apache root diradmin admin and a customer crontab, but there is a way to look all crontab in same time? How can i fix this bug, they write some file in /tmp and in /var/tmp (one time in /usr/local/directadmi/customeapache/perldir).

There is someone that can help me, or, is directadmin support enable to solve this problem for me like a directadmin issue?

Thanks a lot for replys
 
Back
Top