-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 16.06.2010 23:31, unsp...@hushmail.com wrote:
> BTW running 'suspscan' is only a *postmortem* action and finding 
> the malware only an *indication* of more serious problems. It would 
> be good to (first make backups, weed out problematic scripts or 
> installations, update software to current and then) harden the web 
> stack and run say 'Logwatch' (and extending Logwatch capabilities 
> to include common downloaders is quite easy: 
> http://www.linuxquestions.org/questions/blog/unspawn-2450/logwatch-
> webserver-logs-php-malarky-2308/).

yes, logwatch and a couple of other tools (most promimently snort) are
running on our servers by default - yet, all those tools don't protect
you from human errors (or at least not entirely).

Such a (major) human error was the true cause for the infection.

But thanks anyway for your suggestions.

- -- 
Udo Rader | CEO
BestSolution.at EDV Systemhaus GmbH | company
Eduard-Bodem-Gasse 5 | address
A-6020 Innsbruck | city
+43 512 935834 | phone
http://www.bestsolution.at | web
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJMGeUmAAoJEJA9QoEqa9WB6BMIAI6ZeFGk+ghuxCFFmK1EWF2z
1LAMwRQvi0gtp1x08jHNBESE4qTJ7KRN0mn68YLxhJZC8ODbP5mK529/4THcA6iw
OIOxmg6/nY6YoYlyWIIpBGvvkxO3/G2UP3ERCW/kZiKxaLvj1F/nOghe9lnhVuIT
4f/xPGsTZWdyDxZDcGRZ3eGsNFOwfwiM5J5VdXVJfctjLwP7OhIdakjWn0mOkNTM
YVbujpH9VxqQkZMM3UNyVHjCd/yAurIA7QHsiMhtI8rm1LGNZZFwimlQk7+OzJyt
pqHR8eP7wXNs3bMVznFiAzVFi8VW4VkQs8MErBUuHdt1VqCnMuQ88W3R/gAf4Jg=
=DtUH
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
ThinkGeek and WIRED's GeekDad team up for the Ultimate 
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the 
lucky parental unit.  See the prize list and enter to win: 
http://p.sf.net/sfu/thinkgeek-promo
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users

Reply via email to