Peter A. Dumpert Innovative Computer Services, LLC The Diamond Standard of Internet Business P: 732-683-0092 x 102 F: 732-577-9390 http://innovativebusiness.net/ danilo lujambio wrote:
Hi,in one of our servers with Sarge we are suffering an attack wich put a perl script and two executables in /tmp with owner www-data. We couldn't find any data in messages , syslog, apache.log which help us. We have a shorewall with very few ports open (ssh , ftp and web) .Can someone help us in how to looking for the source of the attack ? thanks in advance d.l.