Fedora Linux Support Community & Resources Center

Home Forums Posting Rules Linux Help Fedora Set-Up Guides Ask Fedora Fedora Project
Go Back   FedoraForum.org > Fedora 17/18 > Security and Privacy
Reload this Page Webserver compromised
FedoraForum Search
Forgot Password? Join Us!
Register All Albums FAQ Search Today's Posts Mark Forums Read

Security and Privacy Sadly, malware, spyware, hackers and privacy threats abound in today's world. Let's be paranoid and secure our penguins, and slam the doors on privacy exploits.

 
 
Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 2nd April 2012, 10:20 PM
kevinscof Offline
Registered User
  
Join Date: Aug 2005
Posts: 20
windows_7ie
Webserver compromised
IM at a loss right now, so I am asking for advice. Im running Fedora Core 10 with Apache, mysql, php, perl. My email is Postfix, Dovecot. Im running a web server with aproximately 130 websites each with their own public IP. I have setup my iptables to only allow the following ports in : 21, 25, 80, 110. For my outgoing I have set ports 21, 25, 53, 80, 110. Im rejecting everything else. My system has been compromised but I have ran chkrootkit and rkhunter and it comes back with no rootkits. My log is showing requests going out on random ports above 40000. My system will come to a crawl and I look in the tmp folder and I will find a random txt file and usually a hidden folder. I am unable to figure out how they are getting in, but im guessing over port 80. any advice on what I should start checking into would be greatly appreciated.
Reply With Quote
 

Tags
compromised, webserver

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel.org compromised cymbaline42 Linux Chat 1 1st September 2011 04:25 AM
Fedora 7 Compromised by ISP Peter_APIIT Security and Privacy 59 23rd August 2007 10:07 PM
system compromised? 84NITRAM Using Fedora 2 24th December 2006 02:14 AM
Have i been compromised ? do i need a worm pill :) lerningkurv Security and Privacy 1 3rd June 2005 04:24 AM


Current GMT-time: 00:00 (Thursday, 20-06-2013)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.
Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

 FedoraForum is Powered by RedHat