httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simone Caruso <i...@simonecaruso.com>
Subject Re: [users@httpd] attack on apache
Date Mon, 09 Jan 2012 17:05:38 GMT
On 09/01/2012 16:11, Luisa Ester Navarro wrote:
> My server is being attacked. I think it is from apache because I have found
> commands running with the owner apache.
> My httpd is on /usr/sbin and they run on /usr/local/apache/bin/httpd -DSFSL 
> and  sh -c curl -o http ....
> 

I don't think they exploited apache, maybe an application level bug. Are the
cronjobs running as the apache user?


-- 
Simone Caruso
IT Consultant
+39 349 65 90 805

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message