Re: Malware 3

2014-07-30 Thread Nico Kadel-Garcia
On Wed, Jul 30, 2014 at 1:29 AM, Brandon Vincent brandon.vinc...@asu.edu wrote: On Wed, Jul 30, 2014 at 4:27 AM, Nico Kadel-Garcia nka...@gmail.com wrote: Once someone is in as root, they can manipulate your basic system libraries, including the ones used to build checksums and audit for

Malware 3

2014-07-29 Thread Larry Linder
One of our servers has malware on it and it hammers eth0. Using /sbin/ifconfig you look at a few thousand reads and 3 G of transmits. Transmits roll up at about 0.3 G every 2 seconds. What keeps this bound is that the ATT network it is tied to is only good for about 200K upload and 1.5 meg

Re: Malware 3

2014-07-29 Thread Konstantin Olchanski
On Tue, Jul 29, 2014 at 05:23:48PM -0400, Larry Linder wrote: One of our servers has Malware on it and it hammers the eth0... Search on Google using 'IptabLes' and 'IptbLex'. If you do not use single quotes, all the upper case gets replaced with lower case and you do not find anything.

Re: Malware 3

2014-07-29 Thread David Sommerseth
- Original Message - From: Larry Linder larry.lin...@micro-controls.com To: scientific-linux-users@fnal.gov Sent: Tuesday, 29 July, 2014 11:23:48 PM Subject: Malware 3 Is it contained in an OS file, as some other viruses where the file contains the orig in the first 4096 bytes

Re: Malware 3

2014-07-29 Thread Brandon Vincent
On Tue, 2014-07-29 at 17:23 -0400, Larry Linder wrote: If anyone is interested I will share the details. Larry, Are you running Apache Struts, Apache Tomcat, or Elasticsearch by any chance? Please review CVE-2013-2115, CVE-2013-1966, and CVE-2014-3120 to see if any of these apply to your system

Re: Malware 3

2014-07-29 Thread Nico Kadel-Garcia
On Tue, Jul 29, 2014 at 10:07 PM, Brandon Vincent brandon.vinc...@asu.edu wrote: On Tue, 2014-07-29 at 17:23 -0400, Larry Linder wrote: If anyone is interested I will share the details. Larry, Are you running Apache Struts, Apache Tomcat, or Elasticsearch by any chance? Please review

Re: Malware 3

2014-07-29 Thread Brandon Vincent
On Wed, Jul 30, 2014 at 4:27 AM, Nico Kadel-Garcia nka...@gmail.com wrote: Once someone is in as root, they can manipulate your basic system libraries, including the ones used to build checksums and audit for intrusion. Take it offline and *replace* that OS, ASAP, and consider any passwords