8 Jan
2018
8 Jan
'18
21:41
On 01/08/2018 01:06 PM, Greg Freemyer wrote:
That seems like what is happening. I setup Wordpress as a test a couple years ago.
There are php files in there with datestamps of Dec 28,2017 or newer. I haven't looked at that stuff since 2016 it seems.
The WP stuff is not in use, so I think I can just wipe it out.
Done. Let's see what happens now.
Hi Greg, Of course you realize that you can never trust that system again until it's rebuilt from scratch? I'd be tempted to run one of the rootkit detection programs too. Maybe rkhunter? Also, have you scanned for unusual open ports? Regards, Lew -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org