ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

suspicious file alert warning

https://mail.forum.configserver.com/viewtopic.php?t=10549

Page 1 of 1

suspicious file alert warning

Posted: 31 Oct 2017, 11:45
by abdelhost1977
Hello
i'm receiveing this alert : "suspicious file alert"

File: /tmp/kXÐA»K Sk 0K 9Ð
Reason: Suspicious directory
Owner: : (1250:1262)
Action: No action taken

But when i check on /tmp , i dont find this directory .

root@ [/tmp]# ls "kXÐA»K Sk 0K 9Ð"
/bin/ls: cannot access kXÐA»K Sk 0K 9Ð: No such file or directory
root@ [/tmp]# cd "kXÐA»K Sk 0K 9Ð"
-bash: cd: kXÐA»K Sk 0K 9Ð: No such file or directory



Please help

Re: suspicious file alert warning

Posted: 05 Nov 2017, 01:38
by UWH-David
Use the following command and I am sure you will see it:
ls -lha

This could be partition corruption or an exploit. Run an fsck and do yourself a favor and purchase CXS from configserver.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited