GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Trojan Horses Detected by (WHM) on *server here* (https://gfy.com/showthread.php?t=668381)

Jace 10-20-2006 01:45 AM
Trojan Horses Detected by (WHM) on *server here*
 
Anyone even gotten this warning from WHM?
and can you tell me what it means?


Hidden Pid detected! [pid 318]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/sbin/devd]

Hidden Pid detected! [pid 340]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/syslogd]

Hidden Pid detected! [pid 434]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/usbd]

Hidden Pid detected! [pid 474]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/sshd]

Hidden Pid detected! [pid 494]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/cron]

Hidden Pid detected! [pid 927]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/bin/stunnel-4.15local]

Hidden Pid detected! [pid 991]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/local/bin/perl5.8.6]

Hidden Pid detected! [pid 995]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/bin/sh]

Hidden Pid detected! [pid 1059]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1060]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1061]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1062]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1063]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1064]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1065]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1066]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/libexec/getty]

Hidden Pid detected! [pid 1070]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/local/libexec/mysqld]

Hidden Pid detected! [pid 9689]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/lwresd]

darksoul 10-20-2006 02:02 AM
it means you got rooted.
backup and reinstall the OS

Jace 10-20-2006 02:38 AM
Quote:
Originally Posted by darksoul (Post 11117544)
it means you got rooted.
backup and reinstall the OS
hm...i think I will get my admin on it first and see what he says

last time I had to reinstall the OS it was a huge mess...LOL

this particular server is being shut off soon anyway

hydro 10-20-2006 02:46 AM
removing rootkits is a pain in the ass :(


All times are GMT -7. The time now is 08:59 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123