Help my server is doing a DoS on google
Jason Shein
jason-xgs8i/e9EeWTtA8H5PvdGCwD8/FfD2ys at public.gmane.org
Sat Feb 11 03:29:47 UTC 2006
On Friday 10 February 2006 18:52, Robert F. Kennedy wrote:
> Thanks for the help.
>
> I couldn't find rpcxml.php but I did find xx.txt in /tmp. I deleted it and
> killed the one perl process. So far it hasn't started again. Could this
> problem be over or do I need to take further measures? (Besides upgrading
> Mambo when mamboforge.net comes back online, of course).
>
> Thanks,
> Robert
My suggestions:
Running rkhunter would be a good place to start.
http://www.rootkit.nl/
If anything is found to be compromised, repair using bootable media.
Afterwards, backup your Mambo installation using bigAPE Backup. Save it to
another PC.
http://www.bigape.co.uk
Nuke & Reinstall the OS. Sorry. This is the only way to be entirely sure you
are working with a secure system.
Reinstall Mambo, & install bigAPE Backup.
Recover from your backup file.
Move on. Live & learn.
On a last note, consider migrating to joomla!
http://www.joomla.org/
In case you did not know, it is maintained by the crew who coded Mambo.
--
Jason Shein
Director of Networking, Operations and Systems
Detached Networks
jason-xgs8i/e9EeWTtA8H5PvdGCwD8/FfD2ys at public.gmane.org
( 905 ) - 876 - 4158 Voice
( 905 ) - 876 - 5817 Mobile
http://www.detachednetworks.ca
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list