To make a long story short, the gnhlug.org web site is down - hopefully it will be back tomorrow.
The longer story... hive.codemeta.com was compromised yesterday around 3pm. It looks like they replaced sendmail and apache with their own versions. I've run some audits and got back lots of suspicious files, so its going to take a while to poke around. I believe the system is safe as long as the main web server isn't running (for now). Unfortuantely, I have a job to hold down, so I won't be able to do much until I get back home - which will be later tonight. --Bruce > Bruce, > > www.gnhlug.org is out right now. I shelled into hive, and took a > quick > look. The only "httpd" running is > > /home/roger/town-center/apache/bin/httpd > > I'm not sure if that's the right one or not. Since I don't know what's > going on, I'm not going to poke around with it, but I wanted to let you > know. _______________________________________________ Gnhlug-org mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-org
