On Thu, May 9, 2013 at 2:52 PM, Joshua Isom <jri...@gmail.com> wrote: > On 5/9/2013 12:19 PM, Per olof Ljungmark wrote: >> >> Hi, >> >> Is Apache on FreeBSD affected? >> >> Thanks, > > > Technically, Apache isn't the problem. The hole's in cPanel probably, not > Apache. The attackers replace Apache, probably patching the source code and > replacing the host's with a trojaned copy. If they're patching the source > code, then yes, FreeBSD, Windows, OS X, Solaris, OpenBSD, et al are possibly > infected. >
I am not sure that is the case from the research I have been doing on this topic. For example there are reports of it being detected on lighttpd, nginx and systems that do not use cpanel: http://www.welivesecurity.com/2013/05/07/linuxcdorked-malware-lighttpd-and-nginx-web-servers-also-affected/ If anyone has a better rundown of this it would be great if you could point me in the right direction. I am having problems finding a proper examination/explanation of this backdoor. cheers, -pete -- pete wright www.nycbug.org @nomadlogicLA _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"