Blackhole

[Chris Kenward]

Hi there, Tom 

> Is it possible that you have some shell accounts on your system
> and that one of your users is trying to run this?  The C code by
> itself won't harm anything, and from what you say, it does not
> appear to have been compiled.  Perhaps just upgrading to the newest
> apache will fix?  Looking at the links provided below seem to
> indicate that the executable must be run, to try to break the apache
> server through the listed port.  I've seen this attempt many times
> on my machine, & AFAIK, it's never been successful.

I don't think anyone local to the machine would do something like that - we
only allow FTP access to the server and no users have telnet or SSH access.

The Apache web server is latest version from the RHN (2.0?)

I've taken the bull by the proverbials and deleted the file called
"blackhole". Can't find anything else suspicious and looking through the
various ports that are active doesn't really show anything suspicious.

Whew?

Regards
Chris