[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

we were attacked


in one of our servers with Sarge we are suffering an attack wich put a perl script and two executables in /tmp with owner www-data. We couldn't find any data in messages , syslog, apache.log which help us. We have a shorewall with very few ports open (ssh , ftp and web) .
Can someone help us in how to looking for the source of the attack ?

thanks in advance


Reply to: