Search found 3 matches
- 29 Dec 2014, 08:51
- Forum: General Discussion (csf)
- Topic: tons of errors in syslog
- Replies: 1
- Views: 2571
tons of errors in syslog
Hi, In the last month or so, my /var/log/messages becomes flooded with errors like this: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=04:01:07:8a:00:01:00:24:38:ab:b6:00:08:00 SRC=117.41.166.216 DST=82.196.0.XXX LEN=40 TOS=0x00 PREC=0x00 TTL=105 ID=256 PROTO=TCP SPT=6000 DPT=9200 WINDOW=16384 RES=0x0...
- 16 Jan 2013, 09:27
- Forum: General Discussion (csf)
- Topic: root exploits
- Replies: 4
- Views: 6770
Re: root exploits
hacking wordpress will give you the account, not root level access.
My question was about csf itself: it shows a message about security exploit, why not show the process name/pid that it happens, that will make life much easier to trace and fix..
My question was about csf itself: it shows a message about security exploit, why not show the process name/pid that it happens, that will make life much easier to trace and fix..
- 11 Jan 2013, 23:34
- Forum: General Discussion (csf)
- Topic: root exploits
- Replies: 4
- Views: 6770
root exploits
Hi, I'm using CSF (btw, where can I see which version is it?) and I just found one of my servers has been hacked. Looking at the /var/log/lfd.log, I see that a user which was created by the attacked ("ghost") is using a security exploit to gain root, but I didn't get any email nor did I fi...