[BlueOnyx:10151] Re: Trojans and backdoors?
Matthew Komar
mkomar at serverrack.net
Tue Apr 17 12:40:51 -05 2012
Web logs should make it apparent. I'll email you off list as well.
On 4/17/2012 1:34 PM, Darren Shea wrote:
> Our BlueOnyx system seems to have been compromised by some sort of php-based
> Trojan which is allowing spammers to send spam through the webserver. We're
> having a hard time tracking it down to a particular virtual site, and
> shutting off php for all users is not an option - besides the people using
> WordPress and shopping carts, the SquirrelMail interface breaks when php is
> shut off.
>
> Are there any updates which can help with this? We are using the SolarSpeed
> 5106R-PHP-5.3.8-SOL3AV package, and given all the issues we had getting the
> two different versions of php to play nice on BlueOnyx, we don't want to be
> to aggressive with upgrading.
>
> Also, is there a way to simply block the webserver from sending out on port
> 25?
>
> Thank you,
> Darren
> ECPI Western Broadband
> (512)257-1077
> (254)213-6116 fax
>
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list