Mystery infestation strikes Linux/Apache Web sites

Posted by: Anonymous [ip:] on January 25, 2008 03:02 AM
Umm. No one has heard of MD5 checks? Seems to me, given the nature of Linux, it shouldn't be that hard to figure out which files are the problem, generate correct MD5 checksums for the valid ones, then test the servers that could be infected using a liveCD. If it finds invalid MD5 checks for those files, replace them, reboot the server, and you are done. Or, if you are not sure about the compatibility with that, have your scripted process do a download of the source for the infected files, and their dependencies, then a 'make' on them. I barely know anything about Linux, have only for the most part used it from liveCDs to fiddle around, and even ***I*** can figure this much out. What kind of experts are these? Are they reading tea leaves to try to figure out the problem?
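The check the comment describes, as an added example that is not part of the original post: compare files on a suspect disk, mounted from a live CD, against a checksum manifest built from a trusted install. The function names, the sample paths, and the temporary directory standing in for the mount point are assumptions made for illustration; the hash algorithm is a parameter that defaults to the MD5 the comment mentions.

```python
import hashlib
import os
import tempfile

def file_digest(path, algo="md5"):
    """Hash a file in chunks so large binaries do not need to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def parse_manifest(text):
    """Parse md5sum-style lines ('<hex>  <path>') into {path: digest}."""
    entries = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            digest, path = line.strip().split(None, 1)
            entries[path.lstrip("*")] = digest.lower()
    return entries

def verify_root(root, manifest, algo="md5"):
    """Check each manifest path under the mounted suspect root (hypothetical helper)."""
    results = {}
    for path, expected in manifest.items():
        target = os.path.join(root, path.lstrip("/"))
        if os.path.islink(target):
            results[path] = "symlink"   # not followed: it could point outside root
        elif not os.path.isfile(target):
            results[path] = "missing"
        else:
            results[path] = "ok" if file_digest(target, algo) == expected else "modified"
    return results

def demo():
    """Constructed sample: a temp dir stands in for the suspect disk's mount point."""
    good = {"/usr/sbin/httpd": b"known-good httpd\n", "/bin/ls": b"known-good ls\n",
            "/usr/bin/ssh": b"known-good ssh\n"}
    manifest_text = "\n".join(f"{hashlib.md5(d).hexdigest()}  {p}" for p, d in good.items())
    with tempfile.TemporaryDirectory() as root:
        for p in ("/usr/sbin/httpd", "/bin/ls"):          # ssh is left absent
            full = os.path.join(root, p.lstrip("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(good[p] + (b"extra bytes" if p.endswith("httpd") else b""))
        return verify_root(root, parse_manifest(manifest_text))

if __name__ == "__main__":
    for path, status in demo().items():
        print(f"{status:9} {path}")
```

Running the hashing from the live CD's own Python, rather than from binaries on the suspect disk, is what keeps the result independent of whatever was altered on that disk.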


