Question remains, how was it compromised? In the original install ? A "fresh" install perhaps from another source?
Best you determine HOW before spending more time going down another rabbit hole! John Novack Antoine Megalla wrote:
Hi Thank you for your support. The server is actually compromised, I discovered that after making a deep trace using the audit daemon and looking for the kill signal (SIGKILL) that terminates asterisk.
<snipped to please the mailing list > -- Dog is my Co-pilot
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
