zEitEr
Super Moderator
Once again, your server is probably infected and attacking remote sites, or is under another kind of DNS attacks:
1. scan the server with malware scanners
2. check apache status/server logs
3. check system logs
4. use tcpdump
5. check a list of running software for suspicious activity
There is nothing secret, but a lot of things to check which might or not give clues and prove you're infected or not. Use publicly available guides for more information.
1. scan the server with malware scanners
2. check apache status/server logs
3. check system logs
4. use tcpdump
5. check a list of running software for suspicious activity
There is nothing secret, but a lot of things to check which might or not give clues and prove you're infected or not. Use publicly available guides for more information.