Jesse Keating writes: > UID 48 belongs to apache... Do messages sent via sqwebmail get that UID > attached to them? The reason I ask, the contents of the original email don't > match anything that would have been sent via apache.
YOU ARE COMPROMISED from http://uptime.netcraft.com/up/graph/ scan of your server --------- The site www.j2solutions.net is running Apache/1.3.22 (Unix) (Red-Hat/Linux) --------- from http://httpd.apache.org and http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0392 : ---------------- Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. ---------------- I'd reccomend installing a rootkit detector such as tripwire. To be honest, though, I'd wipe the server except for /home to be safe. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek PC Mods, Computing goodies, cases & more http://thinkgeek.com/sf _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users