Hi list,My sarge box box was recently hacked by some script kiddy who installed an irc-dcc-filserver on it :/ As I'm not so aware could someone be so kind to help me with a forensic analysis? I also still do not know which program (propably any php-stuff) was/is vulnerable.
All I've found so far where these entries in my apache2 error-log. http://jesusch.de/~jesusch/tmp/error.log Bjoern