Thanks for the input

Scott Morris scottmorris at
Wed Jul 15 10:40:44 MDT 2009

Great responses, all.

I should clarify that the box was not rooted.  A vulnerability in the
PHP code on the box was exploited to place tools on the machine.  They
had access to files that were owned by the user running apache.  The
only files that I could see that were changed were in the web root.

So, it wasn't through SSH, but many of your suggestions still stand to
reason.  Right at the moment, I can't do a fresh install, because the
box is co-located.

I'll read up on all the other stuff, though.  Again, thanks for the
enlightening suggestions.


More information about the PLUG mailing list