Linux.com

McDaver

McDaver

  • Linux.com Member
  • Posts: 1
  • Member Since: 30 Jan 11
  • Last Logged In: 30 Jan 11

Latest Posts

Posted by
Topic
Post Preview
Posted
  • McDaver
    Random files being created on Web server
    I have a website that is running CRE Loaded 6.3. Some random files of zero or 1 byte length started to show up in the websites base directory. They are a random sequence of letters and numbers and the files contain nothing. These files get created at the rate of about 5 a minute. The rate seems to vary with traffic. The file permissions all seem to be in order and checks for hacks have turned up nothing. None of the CRE Loaded files seem to have been modified as the date stamps remain. This website is being hosted on Hostmonster and their support hasn't been helpful. They simply say it's probably been hacked. I asked them if there is a way to find out what process is creating the files and they didn't know. Is there a way I can figure out what application or process is creating these files? This directory does not have write permissions for the web user. I'm looking for any guidance or help tracking down this problem. It could be some added module such as a web visit counter or something else that has developed a problem. Any help would be appreciated. By the way, the web site still functions just fine and shows no evidence of anything wrong. Virus/malware checks run by the hosting company have turned up nothing.
    Link to this post 30 Jan 11

    I have a website that is running CRE Loaded 6.3. Some random files of zero or 1 byte length started to show up in the websites base directory. They are a random sequence of letters and numbers and the files contain nothing. These files get created at the rate of about 5 a minute. The rate seems to vary with traffic. The file permissions all seem to be in order and checks for hacks have turned up nothing. None of the CRE Loaded files seem to have been modified as the date stamps remain. This website is being hosted on Hostmonster and their support hasn't been helpful. They simply say it's probably been hacked. I asked them if there is a way to find out what process is creating the files and they didn't know. Is there a way I can figure out what application or process is creating these files? This directory does not have write permissions for the web user. I'm looking for any guidance or help tracking down this problem. It could be some added module such as a web visit counter or something else that has developed a problem. Any help would be appreciated.

    By the way, the web site still functions just fine and shows no evidence of anything wrong. Virus/malware checks run by the hosting company have turned up nothing.

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board