Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2006
    Allentown PA

    May Have Been Hacked, In Dire need of Assistance

    Good afternoon all,
    For the past 2 days my server host has had to shut me down. I call in and find someone has gotten in to one of my sites and has loaded a phishing program into a directory. I go in clean it all out, and check my logs. I don't see anything funny. Tighten up the security and go out. Somehow they have gotten back in and reloaded it. It shows it is being run by apache. I cannot find where this hole is! I need another set of eyes to run through things with me as my linux skills aren't strong enough (yet) to find the problem. If anyone can give help please email me direct as well as here at

  2. #2
    Linux Engineer adrenaline's Avatar
    Join Date
    Aug 2004
    Seattle, Washington
    This sounds like a lot of fun but you will have to give me a ton more information. Why don't you PM me the infected log file.
    Let me know distro services etc...
    Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
    -- Linus Torvalds

  3. #3
    I can't tell you how they got in in the first place, but it sounds to me that something you might want to do is to educate yourself on rootkits.

    Here's some info

    Here's some progams that might help.

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts