Jump to content
Sign in to follow this  
chokchai

Linux - Help needed

Recommended Posts

chokchai

Hi,

 

I'm looking for someone in Cebu with good Linux experience, specifically to help us fix a DoS attack on our Moodle installation.

 

Anybody out there??

 

Thanks,

Ch

Share this post


Link to post
Share on other sites
USMC-Retired

Not following. DOS? Denial of Service?

 

 

You are not allowed to install Moodle Docs on your Linux system?

 

What type of linux are you running?

 

If you give more details I probably help with a walk through to setting up the server for this.

Edited by Norseman

Share this post


Link to post
Share on other sites
chokchai

Thanks for the reply, but, sorry I don't follow you either.

 

Moodle is already running on our Linux server (can't remember which particular Linux, but I can tell you when I get to work). We don't need it setting up, its been running for over two years. Now, all of a sudden, its full of spurious .php files which are crashing the system.

 

More details later.

 

Thanks

Ch

Edited by chokchai

Share this post


Link to post
Share on other sites
USMC-Retired

Is this crashing the server? Or your machine?

 

If it is your machine can you not go throughthe server and delete them?

 

Sounds as though the php files are linking to something that does not exsist.

Either way they fault out.

Share this post


Link to post
Share on other sites
senseless

Either you're running a web application that has allowed attackers to upload/execute files remotely through a flaw in coding or you were hacked. I would suggest a reinstall of the system.

 

You should make sure your applications are up to date, have firewalls with ip rules, and run mod_security on apache

Share this post


Link to post
Share on other sites
chokchai

Either you're running a web application that has allowed attackers to upload/execute files remotely through a flaw in coding or you were hacked. I would suggest a reinstall of the system.

 

You should make sure your applications are up to date, have firewalls with ip rules, and run mod_security on apache

Thanks for your reply. A reinstall is the last resort, as we have a lot of data there which we don't want to lose.

 

Still working on a few other options first :)

 

Ch

Share this post


Link to post
Share on other sites
USMC-Retired

It does not have to be a remote attack. It could have been an effected machine that is uploading malicious files to the server. So just reinstalling it may not be the answer.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use, Privacy Policy and Guidelines. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..