Hi, I wrote about kernel errors which somebody pointed out was because the server was running out of memory. Now I found the following which makes me think that that server may have been compromized. Here's what I get when I issued: netstat -nap tcp 0 0 131.x.x.x:38423 72.x.x.x:80 ESTABLISHED 5226/ps x tcp 0 0 131.x.x.x:38420 72.x.x.x:80 ESTABLISHED 5365/ps x About a hundred instances of that program 'ps x' running. Also here's what ps -ef produced: apache 6323 1 0 10:30 ? 00:00:00 ps x apache 6324 1 0 10:30 ? 00:00:00 ps x apache 6326 1 0 10:30 ? 00:00:00 ps x apache 6328 1 0 10:30 ? 00:00:00 ps x apache 6330 1 0 10:30 ? 00:00:00 ps x Again there are a lot of these? Any insight anyone? Thank you. Olga
