I am also concerned about some enries in my error log that look like I've been successfully compromised. In googling it looks like a vulnerable PHP script. Does anyone know of a PHP script scanner or something I could use to lock down PHP?
-Mark Check out the logs below. --14:07:46-- http://xcrewteam.com/seth.txt => `seth.txt' Resolving xcrewteam.com... 69.162.89.18 Connecting to xcrewteam.com|69.162.89.18|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 53,639 (52K) [text/plain] 0K .......... .......... .......... .......... .......... 95% 248.18 KB/s 50K .. 100% 3.70 MB/s 14:07:47 (259.19 KB/s) - `seth.txt' saved [53639/53639] This was from 2 days ago. I am also seeing these entries periodically: sh: fetch: command not found sh: fetch: command not found sh: fetch: command not found sh: fetch: command not found sh: fetch: command not found Mark A. Kruger, CFG, MCSE (402) 408-3733 ext 105 www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -----Original Message----- From: Mark Kruger [mailto:[email protected]] Sent: Friday, January 15, 2010 7:20 AM To: cf-linux Subject: Cert and pass phrase Ok... so I was so proud that I figured out how to renew a cert on Linux - but now everytime I restart apache it asks for a passphrase for that cert. Any ideas how to fix that? -Mark Mark A. Kruger, CFG, MCSE (402) 408-3733 ext 105 www.cfwebtools.com <http://www.cfwebtools.com/> www.coldfusionmuse.com <http://www.coldfusionmuse.com/> <http://www.necfug.com/> www.necfug.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-linux/message.cfm/messageid:4518 Subscription: http://www.houseoffusion.com/groups/cf-linux/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.14
