Slapper Worm

[Phil Mattison]

I got an email from some outfit in Europe today claiming that my web server
was sending their server UDP packets in a denial-of-service attack cause by
the Slapper Worm. I was unable to find any of the indications as mentioned
in the documentation on this virus that my system was infected. I did,
however, find that someone had created a huge file named upgrade-modssl (or
some such thing) that ate up all my free space. The owner:group of the file
indicated it was created through the Apache server somehow. Has anyone seen
something like this before, or know how a hacker might constipate your file
system like that?
--
Phil Mattison
Ohmikron Corp.
480-722-9595
602-820-9452 Mobile