D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Website hacked

 

On Thu, Oct 02, 2014 at 09:42:05PM +0000, Martijn Grooten wrote:
> Is there anything else that's going on that seems suspicious? Login
> attempts in the log file, more website visits, increased bandwidth usage,
> etc.

I should have added here that especially when it comes to log activity,
modern Linux server malware tend to be pretty stealthy, so its activity
might not show up in the logs.

Oh, and I assume you have changed all passwords on the server (SSH, CMS
etc.) just in case.

Alternatively, just say sorry to bad apple for whatever it was that you
did. ;-)

Martijn.


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq