[BlueOnyx:05931] hacker scripts
Gerald Waugh
gwaugh at frontstreetnetworks.com
Mon Nov 29 12:08:22 -05 2010
Have a server been exploited several times
they come in through httpd
install scripts in /tmp
this one was dc.txt
# Priv8 ** Priv8 ** Priv8
# IRAN HACKERS SABOTAGE Connect Back Shell
# code by:LorD
# We Are :LorD-C0d3r-NT-\x90
# Email:LorD at ihsteam.com
we also had .sep and send
send sends sms emal, by the thousands @tmomail.net
How can I stop these people from downloading and running their scripts
in /tmp using httpd
--
Gerald
More information about the Blueonyx
mailing list