--- Manish Malik <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Naresh Narang wrote:
> >
> > --- Ritesh Raj Sarraf <[EMAIL PROTECTED]> wrote:
> >
>
http://maple.phpwebhosting.com/%7Edarkbroked/linuxdaybot.txt
> >> => `/tmp/.fuhrer2'
> >>Resolving
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Naresh Narang wrote:
>
> --- Ritesh Raj Sarraf <[EMAIL PROTECTED]> wrote:
> http://maple.phpwebhosting.com/%7Edarkbroked/linuxdaybot.txt
>> => `/tmp/.fuhrer2'
>>Resolving maple.phpwebhosting.com... 70.86.76.34
>>Connecting to
>>maple.phpweb
On 11/26/05, Naresh Narang <[EMAIL PROTECTED]> wrote:
===
>
> Rebuild your box dude.
Short of that would making or setting flag of /tmp non-executable help?
--
Sudev Barar
Learning Linux
___
ilug
--- Ritesh Raj Sarraf <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
>
> - --08:07:40--
>
http://maple.phpwebhosting.com/%7Edarkbroked/linuxdaybot.txt
>=> `/tmp/.fuhrer2'
> Resolving maple.phpwebhosting.com... 70.86.76.34
> Connecting to
> maple.phpwebhosting.com[
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here's what I found out more digging in the logs.
There are 3 hidden files (attached with this message) in /tmp/:
1) .fuhrer
2) .fuhrer2
3) .fuhrer3
ns1:/var/log/apache2# ls -la /tmp/
total 56
drwxrwxrwt 5 root root 4096 Nov 25 07:46 .
drw