Did I get cracked?

[thorin]

That would most likely be the weekly log rotation taking place.  4:02 AM
sounds about right (Redhat?).
If you have a default RH install of Apache etc, then the PHP & Mod_perl
are installed.

Check your httpd.conf file and search for the two modules by name.

--Thorin

-----Original Message-----
From: owner-discuss at Blu.Org [mailto:owner-discuss at Blu.Org] On Behalf Of
Duane Morin
Sent: Monday, August 06, 2001 22:30
To: discuss at Blu.Org
Subject: Did I get cracked?


Ok, while playing in my apache access logs looking at default.ida
requests I 
found a different, very weird anomaly.  Every Sunday morning at 4:02am
(going 
back at least 3 weeks), my Apache would catch a SIGTERM, then tell me
that 
PHP3.0.18 and mod_perl reinstantiated themselves properly.  When I
checked 
/var/log/messages I see that at this same time, my syslogd is resetting
itself.

What the hell is that?  I've never deliberately done anything with perl
or PHP 
in relation to Apache (I'm a Java geek).  Is this nothing?  Is my
syslogd 
scheduled to reboot itself weekly anyway, and somehow that is causing
Apache 
to reboot as well?  Or am I owned?

The weird thing would be that last Sunday my machine wasn't even on the
net, 
having just moved into a new house.  So I find it hard to believe that 
somebody got me that fast.  Prior to last sunday I had a whole different
ISP.

Duane


-
Subcription/unsubscription/info requests: send e-mail with "subscribe",
"unsubscribe", or "info" on the first line of the message body to
discuss-request at blu.org (Subject line is ignored).

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).