[nsp-sec] 7Mpps udp/80 29bpp attack against 82.130.16.98
Pekka Savola
pekkas at netcore.fi
Fri Jul 1 12:22:30 EDT 2011
On Fri, 1 Jul 2011, Gabriel Iovino wrote:
> Harri, thanks for providing some details on what one might find on the
> machine. That helps!
FWIW, at least with one source reported the following:
"We noticed that the /tmp directory contains
2 files with user rights www-data that contain
perl code to initiate a network flood."
Pekka Savola
CSC/FUNET
More information about the nsp-security
mailing list