httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <>
Subject Re: [users@httpd] hacker access shown in error.log
Date Thu, 02 Oct 2003 17:08:43 GMT

On Thu, 2 Oct 2003, Randy McMillan wrote:

> just did, then it would seem to be a configuration issue and I could use
> some hints.  I googled some of the program names, but didn't come up with
> anything specific.

It is a small deamon which typically sits on port 55555 and connects any
incoming connection (telnet) through to a /bin/sh running as the user it
was started as. It appears in your PS listing pretending to be called
'httpd' or as '/usr/local/apache/httpd'. (It sets argv[0]).


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message