[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rlx blade server attacked

Hi Jason.

Jason Sopko wrote:
The Apache worm you're infected with was posted on bugtraq earlier
today. It exploits mod_ssl and can be identified by doing a ps -ax |
grep bugtraq (it runs as the name .bugtraq). The source for it is here:


Thanks a lot for the fast reply. You are right, I can approve that this is the worm that attacked the management blade. It started it's attack somewhere around noon (local time) today. The management blade is vulnerable to this attack as it is based on RedHat 7.3 (maybe it would have been better if RLX had stick to Debian as they used before).

Thanks a lot for the help.

Bye, Mike

Reply to: