httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dino B." <mypascal2...@gmail.com>
Subject RE: [users@httpd] Possible virus via httpd server
Date Tue, 05 Jan 2016 00:36:10 GMT
Hmmm, index. Html is just default page???  Strange that that it got
overwritten by some executable

--
Dino Buljubasic

--
Dino Buljubasic
Cell 604 441 3560

Please pardon my brevity - sent from my mobile device.  Please excuse any
typos.
On Jan 4, 2016 12:38, "Michael D. Berger" <m.d.berger@ieee.org> wrote:

> Following your suggestion, I made use of my daily backups to install
> the httpd.conf from two days ago, when all was well. The problem was
> the same.  I tried sublitting a file to sophos, but I would have to
> join, and I am not ready for that.  See also my next email.
>
> Still heading toward DBAN.
>
> Thanks,
> Mike.
>
> --
> Michael D. Berger
> m.d.berger@ieee.org
> http://www.rosemike.net/
>
>
> > -----Original Message-----
> > From: Keith Roberts [mailto:keith.roberts@ecric.nhs.uk]
> > Sent: Monday, January 04, 2016 11:25
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] Possible virus via httpd server
> >
> > Hi Mike.
> >
> > You might like to send this to sophos for analysis:
> >
> > https://www.sophos.com/en-us/support/knowledgebase/11490.aspx
> >
> > As index.html is the default page if nothing else is
> > configured, has your httpd.conf file been modified to server
> > this binary file instead of index.html?
> >
> > HTH,
> >
> > Keith Roberts
> >
> > On 4 Jan 2016, at 16:18, Michael D. Berger
> > <m.d.berger@ieee.org> wrote:
> >
> > > Warning: This message contains unverified links which may
> > not be safe.  You should only click links if you are sure
> > they are from a trusted source.
> > > Examining with Lemmy (A Windows version of VI), it looks
> > like a binary file.
> > > Size is 181.4 KB.
> > > I am considering my favorite virus remover: DBAN, but it would take
> > > several days work to recover from that.
> > >
> > > Mike.
> > > --
> > > Michael D. Berger
> > > m.d.berger@ieee.org
> > > http://www.rosemike.net/
> > >
> > >
> > >> -----Original Message-----
> > >> From: Daniel Beardsmore [mailto:daniel@trustnetworks.co.uk]
> > >> Sent: Monday, January 04, 2016 05:03
> > >> To: users@httpd.apache.org
> > >> Subject: RE: [users@httpd] Possible virus via httpd server
> > >>
> > >> Well, what do you see if you examine the file in a text editor?
> > >>
> > >>> -----Original Message-----
> > >>> From: Michael D. Berger [mailto:m.d.berger@ieee.org]
> > >>> Sent: 04 January 2016 05:03
> > >>> To: Apache-Users
> > >>> Subject: [users@httpd] Possible virus via httpd server
> > >>>
> > >>> Using my WinXP Firefox client to access my previously
> > working httpd
> > >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my
> > >>> index.html .  Do you think I have a virus on my Linux box?  I did
> > >>> notice that my iptables is not as tight as it should be.
> > >>>
> > >>> --
> > >>> Michael D. Berger
> > >>> m.d.berger@ieee.org
> > >>> http://www.rosemike.net/
> > >>>
> > >>>
> > >>>
> > >>>
> > >>
> > ---------------------------------------------------------------------
> > >>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >>> For additional commands, e-mail: users-help@httpd.apache.org
> > >>>
> > >>>
> > >>
> > ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >> For additional commands, e-mail: users-help@httpd.apache.org
> > >>
> > >
> > >
> > >
> > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message