Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Trojan/Backdoor - Apache mod_rootme Detection



The remote host has been compromised and is running a 'Backdoor' program


The remote system appears to be running the mod_rootme module, this module silently allows a user to gain root shell access to the machine via crafted HTTP requests.


- Remove the mod_rootme module from httpd.conf/modules.conf. Consider reinstalling the computer, as it is likely to have been compromised by an intruder