Help with possible hacking of a VirtualHost

Bill Tangren Tue, 01 Jul 2003 09:56:47 -0700

I have a perplexing problem. I received an email this morning from some one who states that he was surfing my web site site1.com, when he received a portscan attack from site2.com. However, site2.com is a VirtualHost that is aliased to site1.com. This person told us because he said we might have been hacked. I immediately changed the root password.

Could someone tell me how this could have happened? If you do a lookup on site2.com, and then do a reverse lookup on that IP number, you see site1.com, not site2.com.

If I have been hacked, what should I look at? I don't see any obvious evidence in the logs, but I'm not sure I would.

TIA,

Bill Tangren


--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list

Help with possible hacking of a VirtualHost

Reply via email to