My server is being attacked. I think it is from apache because I have found commands running with the owner apache. My httpd is on /usr/sbin and they run on /usr/local/apache/bin/httpd -DSFSL and sh -c curl -o http ....
They also run every minutes a crontab from /var/spool/cron and I dinĀ“t have
anyone there.
I am using Centos 5.7 and httpd-2.2.3.53-el5.centos.3 and my system is update.
Can someone help me?
Thanks in advance
Luisa
