1 Dec
2001
1 Dec
'01
11:49
Hans Körber wrote:
Hallo,
I found user "nobody" performing a "find" on my linux box few days ago.
In the /home section of the filesystem I found a subdirectory "httpd" which I did not create. The "httpd" directory itself contained a subfolder, "bin-cgi". I didn't find any other changes.
The linux machine runs IPTABLES with open ports for SSH, HTTP and HTTPs. Connection is via pppd.
kernel and patches version ? iptables version ? ssh type & version ? http server & version ? was the box properly hardened and are you sure no other ports were listening when you installed ? hth andre