'sh -i' My server was hacked. How can i found hole on my
server?
Mike Jakubik
mikej at rogers.com
Mon Jun 27 20:58:42 GMT 2005
On Mon, June 27, 2005 6:10 am, Oleg Rusanov said:
> Hello.
>
>
> My server was hacked. The CPU has been loaded on 99 % by "sh -i" process.
> I found out that someone has started phpshell through a hole in one of
> phpbb forums. Also has filled in scripts for flud and spam and "vadim
> script" in "/tmp". I has made it noexec. Recently has found out the same
> process. May be i have left again /tmp opened, or other hole may be.
> What is better to do for clean my system?
And what does this have to do with the amd64 mailing list? Try questions
instead.
More information about the freebsd-amd64
mailing list