Apparent Hack attempt filling partition

Steel City Phantom scphantm at yahoo.com
Mon Feb 27 13:56:40 PST 2006 

It seems that on friday i had some kind of hack scanner hit one of my 
servers.  it went thru the website looking for scripts, i believe it was 
my hosting company that did it with their vulnerability scanner.  The 
problem is that for some reason, the server was kicked into a loop 
failing on a perl script that eventually filled the /var partition with 
a 1 gig error log file and brought mysql down for lack of temp space to 
run some queries.  here is the last snip of the log before it started 
repeating the can't open perl script for 1 gig of file.  anyone have any 
ideas what could have caused that? 

the server is running PHP Version 4.3.9, Apache 1.3.33 on bsd 4.10 R2P

/usr/local/www/data/goldsteins/themes/Showroom/images/FooterBack.jpg
[Sun Feb 26 10:25:59 2006] [error] [client 216.153.168.66] File does not 
exist: /usr/local/www/data/goldsteins/themes/Showroom/images/FooterBack.jpg
[Sun Feb 26 10:26:07 2006] [error] [client 216.153.168.66] File does not 
exist: /usr/local/www/data/goldsteins/themes/Showroom/images/FooterBack.jpg
[Sun Feb 26 11:41:06 2006] [error] [client 83.179.151.230] File does not 
exist: /usr/local/www/data/interiors/index2.php
[Sun Feb 26 11:41:14 2006] [error] [client 83.179.151.230] File does not 
exist: /usr/local/www/data/interiors/mambo/index2.php
[Sun Feb 26 11:41:16 2006] [error] [client 83.179.151.230] File does not 
exist: /usr/local/www/data/interiors/cvs/index2.php
[Sun Feb 26 11:41:20 2006] [error] [client 83.179.151.230] File does not 
exist: /usr/local/www/data/interiors/articles/mambo/index2.php
wget: not found
mv: ping.txt: No such file or directory
wget: not found
curl: not found
curl: not found
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory

More information about the freebsd-questions mailing list