I'm making this post both here and on cobalt-developers; I'm not sure where the expertise might reside to answer the question...
One of my colocation clients, who has been hacked several times, notices that there's a "gmon.out" file, owned by root:siteX, in each directory of two websites owned by the same client. There's no reference to either "gmon" out or to gprofs (the program that produces it) in any of the files on either of the sites. Anyone have any ideas why or how this file could have appeared on these two sites? Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
