I have been monitoring my error_log looking for signs of an exploit, and
haven't seen any. If your server was running a Joomla 1.0.8 there is a good
sign the site was trying to be exploited as that happened to another server
here recently.
And I have had HTML turned off and have instructed Outlook to post or
respond in straight text mode, but I guess even Mr. Gates misses HTML after
a while...
> -----Original Message-----
> From: Gavin Nelmes-Crocker [mailto:gavin (at mark) web-hoster.co.uk]
> Sent: Tuesday, September 19, 2006 5:38 AM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:07067] Odd events for September 19, 2006
>
> <quote>
> Ok, tonight I am using my website which runs on my dedicated BQ server and
> notice it grind to a halt. The website is a Joomla CMS system which runs
> in
> PHP and MySQL. There were approximately 3 users on the site. The server
> is
> a P3-500Mhz Dual Processor with 512MB RAM.
> </quote>
>
> Darrell
>
> Very interesting, I had to shut down a site yesterday for the same reasons
> (not on a BQ box on Ensim) Due to the way Ensim chroot's site we were able
> to see one site hammering the box with perl - Load averages of 147 at one
> point.
>
> After we looked at the site in more detail we found it was a Joomla site
> running version 1.08 not the latest - I wonder if there is either some bad
> code creeping in or a vulnerability being exploited.
>
> Any ideas?
>
> Regards
>
> Gavin
> ps Darrell - please don't post to the list in HTML it makes it hard for
> people to reply correctly and is bad list form - I the general consensus
> is
> plaintext