[38688] in bugtraq


Re: Apache hacks (./atac, d0s.txt)

daemon@ATHENA.MIT.EDU (a.list.address@gmail.com)
Mon May 2 16:39:55 2005

Message-ID: <d4093bc205043020112c6337c2@mail.gmail.com>
Date: Sat, 30 Apr 2005 22:11:48 -0500
From: "a.list.address@gmail.com" <a.list.address@gmail.com>
Reply-To: "a.list.address@gmail.com" <a.list.address@gmail.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20050429190358.GA3757@AndrewNg.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit

Looks like someone was trying to use your server as a DDoS zombie. 
What kind of Perl or PHP scripts are on your server?  Look in your
Apache access log for POST requests that may have uploaded one of
these files, or GET/POST requests that may have uploaded a URL to
download one of these files.  See if you can figure out how it got on
your server.
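
The log review suggested above, as an added example that is not part of the original post: a Python pass over Apache access log lines that flags POST requests to Perl/PHP/CGI scripts, requests carrying a URL as a parameter value, and any mention of the file names from the thread subject. The log lines, script paths (view.php, upload.pl) and addresses are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Apache common/combined log prefix: host ident user [time] "METHOD target PROTO" status
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)
# File names from the thread subject, matched as whole tokens so that
# "datacenter" does not hit on "atac".
DROPPED_RE = re.compile(r'(?<![A-Za-z0-9])(?:atac|d0s\.txt)(?![A-Za-z0-9])')
# A parameter whose value is itself a URL (fetch-by-URL pattern).
URL_PARAM_RE = re.compile(r'[?&;][^=&]*=\s*(?:https?|ftp)://', re.I)
# Perl/PHP/CGI endpoints, the script types the reply asks about.
SCRIPT_RE = re.compile(r'\.(?:php\d?|pl|cgi)(?:/|$)', re.I)

def triage(lines):
    """Return (line_no, host, reasons) for requests worth a manual look."""
    findings = []
    for no, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue
        target = unquote(unquote(m["target"]))  # undo single and double encoding
        path = target.split("?", 1)[0]
        reasons = []
        if m["method"] == "POST" and SCRIPT_RE.search(path):
            reasons.append("POST to script")
        if URL_PARAM_RE.search(target):
            reasons.append("URL in parameter")
        if DROPPED_RE.search(target):
            reasons.append("mentions dropped file")
        if reasons:
            findings.append((no, m["host"], reasons))
    return findings

# Constructed sample lines (documentation addresses), not from the original report.
SAMPLE = [
    '192.0.2.10 - - [28/Apr/2005:03:12:44 -0500] "GET /index.html HTTP/1.1" 200 5120',
    '198.51.100.7 - - [28/Apr/2005:03:14:02 -0500] "GET /view.php?page=http%3A%2F%2Fexample.invalid%2Fd0s.txt HTTP/1.0" 200 312',
    '198.51.100.7 - - [28/Apr/2005:03:15:30 -0500] "POST /cgi-bin/upload.pl HTTP/1.0" 200 87',
    '192.0.2.10 - - [28/Apr/2005:03:16:01 -0500] "GET /docs/datacenter.html HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for no, host, reasons in triage(SAMPLE):
        print(f"line {no}: {host}: {', '.join(reasons)}")
```

POST bodies are not recorded in the access log, so a flagged POST only tells you which script and client to look at next.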
