Hi, my system was restored yesterday and the old hd was slaved. So i can access it and see what have happened. Hi think that the problem are on any users script that allow exec in tmp folder. Now i'm trying to resolve this issue. For the moment all php script work with safe_mode ON. Any suggest?
Scot L. Harris wrote:
On Wed, 2004-11-10 at 10:08, Franco wrote:
Thanks to every, i have resolved using cd './ /.tmp'
So you accessed the directory, but have you reloaded the system from scratch? If not you are probably still exposed and your system may still be under the control of some one else. If they take exception to you removing their files they may come back in and wipe your system.
You should disconnect the system from the network immediately and reinstall the OS from scratch. That is the only sure way of making sure you have control of your server back.
