Trojan/Backdoor - Apache mod_rootme Detection
Critical Nessus Network Monitor Plugin ID 1238
SynopsisThe remote host has been compromised and is running a 'Backdoor' program
DescriptionThe remote system appears to be running the mod_rootme module, this module silently allows a user to gain root shell access to the machine via crafted HTTP requests.
Solution- Remove the mod_rootme module from httpd.conf/modules.conf. Consider reinstalling the computer, as it is likely to have been compromised by an intruder