Search found 3 matches

by hetzbh
29 Dec 2014, 08:51
Forum: General Discussion (csf)
Topic: tons of errors in syslog
Replies: 1
Views: 2422

tons of errors in syslog

Hi, In the last month or so, my /var/log/messages becomes flooded with errors like this: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=04:01:07:8a:00:01:00:24:38:ab:b6:00:08:00 SRC=117.41.166.216 DST=82.196.0.XXX LEN=40 TOS=0x00 PREC=0x00 TTL=105 ID=256 PROTO=TCP SPT=6000 DPT=9200 WINDOW=16384 RES=0x0...
by hetzbh
16 Jan 2013, 09:27
Forum: General Discussion (csf)
Topic: root exploits
Replies: 4
Views: 5726

Re: root exploits

hacking wordpress will give you the account, not root level access.

My question was about csf itself: it shows a message about security exploit, why not show the process name/pid that it happens, that will make life much easier to trace and fix..
by hetzbh
11 Jan 2013, 23:34
Forum: General Discussion (csf)
Topic: root exploits
Replies: 4
Views: 5726

root exploits

Hi, I'm using CSF (btw, where can I see which version is it?) and I just found one of my servers has been hacked. Looking at the /var/log/lfd.log, I see that a user which was created by the attacked ("ghost") is using a security exploit to gain root, but I didn't get any email nor did I fi...