24x7Servermanagement is a leading Managed IT Services Provider equipped with a world-class support center. We are truly dedicated to provide the best budget server management services for web hosting and dedicated server owners. Our aim is to provide exclusive and quality outsourcing services. We are available 24 hours a day, 7 days a week, 365 days at your service.
-
Found suspicious scripts in /tmp directory
Posted on July 23rd, 2008 1 commentSometimes its very frustating to find how the suspicious files are stored in /tmp directory. How can I find out who put it there? Since this file is in /tmp directory, it was most likely put there by a vulnerable Php script.
Look into the access log file(s) in /usr/local/apache/domlogs directory for the file “psync.txt” and see if you can find the site that was used to upload the file to your server .
Use the following command at the prompt:
- grep -i psync.txt /usr/local/apache/domlogs/*
OR
- grep -i psync.txtPATH_TO_APACHE_domlogs/*
1 Trackbacks / Pingbacks
-
[...] – Found suspicious scripts in /tmp directory saved by matthewturkey2009-04-14 – Wow… saved by stellar952009-04-09 – S M vicodin who have [...]
-
Websites tagged "tmp" on Postsaver April 29th, 2009 at 20:33