the attack).
Thanks for the advice. I appreciate!
Oleg.
On Sun, Apr 4, 2010 at 5:52 PM, Daniel Reinhardt *crypto...@cryptodan.net
* crypto...@cryptodan.net wrote:
--
From: Oleg Goryunov *oleg.goryu...@gmail.com* oleg.goryu...@gmail.com
Sent: 04
that the vulnerablity might have been in the phpmyadmin. Could
it be there? Or is the chaler was trying to find the most common ways to get
in?
Oleg.
On Sun, Apr 4, 2010 at 3:28 AM, Morgan Gangwere 0.fracta...@gmail.comwrote:
On 4/3/2010 4:24 PM, Oleg Goryunov wrote:
THe problem is that I do not see any
, Apr 4, 2010 at 10:20 AM, Lester Caine les...@lsces.co.uk wrote:
Oleg Goryunov wrote:
Any help is appreciated.
Oleg - Does YOUR copy of the index page look OK reading it as a file?
What no one has mentioned is that DNC servers have been hacked and could be
doing the re-routing. It may
on
your
server of being hacked.
Unfortunately, they said they did not have a database of registered events
of this kind. :(
Oleg.
On Sun, Apr 4, 2010 at 12:48 PM, Oleg Goryunov oleg.goryu...@gmail.comwrote:
Lester,
Yes, I assume it might be a third party problem, not my server problem, but
I need
on local socket.
What kind of vulnarability does mysql have? Do you know where I can read
about it?
Oleg.
On Sun, Apr 4, 2010 at 4:55 PM, Daniel Reinhardt crypto...@cryptodan.netwrote:
--
From: Oleg Goryunov oleg.goryu...@gmail.com
Sent: 03 April
Oh, ok. I got it. I have already disabled it (actually, immediately after
the attack).
Thanks for the advice. I appreciate!
Oleg.
On Sun, Apr 4, 2010 at 5:52 PM, Daniel Reinhardt crypto...@cryptodan.netwrote:
--
From: Oleg Goryunov oleg.goryu
, at 22:20, Oleg Goryunov wrote:
Yep, someone's been there. Take it off the 'net, if you haven't already!
And get someone competent to look: anyone on a list like this
can only speculate!
First question, who has non-WWW access, particularly a shell?
If the offending files are owned by a user