[BlueOnyx:09177] Re: Some kind of attack?
Abdul Rashid Abdullah
webmaster at muntada.com
Tue Dec 6 19:22:04 -05 2011
Thanks for the tip. Fortunately nothing in the access_logŠSo looks like
the attack vector is something else.
On 12/6/11 6:40 PM, "webmaster" <webmaster at oldcabin.net> wrote:
>
>
>See if you can find corresponding entries in the http logs
>
>Perhaps you have someone pounding away at a mail script?
>
>:
>> I just had a situation in which my server became overwhelmed.
>>Fortunately
>> I was able to login and found a lot of processes such as the following
>>on
>> the system:
>>
>> root 5031 18125 0 17:21 ? 00:00:00 sendmail: server
>> 115-64-9-98.static.tpgi.com.au [115.64.9.98] cmd read
>>
>> I stopped sendmail services and then restarted them which killed of all
>>of
>> these processes. What else should I do and is there a vulnerability in
>> the system that is being exploited? Does it require a patch or is it a
>> configuration issue?
>>
>> -Rashid
>>
>>
>>
>> _______________________________________________
>> Blueonyx mailing list
>> Blueonyx at mail.blueonyx.it
>> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>>
>
>_______________________________________________
>Blueonyx mailing list
>Blueonyx at mail.blueonyx.it
>http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
More information about the Blueonyx
mailing list