Workaround:
A. Removing the execution rights of malicious files
/lib/lib3.so.1 Delete file/var/opt/lm/iisdate Delete parent directory/usr/sbin/lsof Ok,reinstall/usr/bin /bsd-port/getty Delete parent directory/usr/bin/.sshd Delete sshd*/bin/ps ok,reinstall/bin/netstat OK,REINSTALL/BIN/.IPTAB4 Delete Filechmod 000/tmp/gates.lod/tmp/moni.lod service sendmail stop chkconfig--level 345 sendmail off Chmod-x/USR/SB In/sendmail chmod-r 000/root/*rar* chattr-i/root/conf.n chmod-r 000/root/conf.n* rm-rf/usr/bin/lixww rm-rf/usr/bin/bsd-port/getty rm-rf/tmp/gates.lock rm-rf/tmp/moni.lock RM-RF/USR/BIN/BSD-PORT/GETTY.L Ock RM-RF/USR/BIN/BSD-PORT/CONF.N
Force the following packages to be reinstalled to overwrite infected files
net-tools-1.60-78.el5.i386.rpm procps-3.2.7-11.1.el5.i386.rpm lsof-4.78-3.i386.rpm
Upgrade OpenSSL (openssl-1.0.1i) and OpenSSH (OPENSSH-6.6P1) to the latest version, modify the sshd port, modify the root password for complex strings, and disable the root account for direct login to the system Configuring ACLs over network switches to prevent this server from accessing the extranet after the changes have been completed, reboot the system again full system scan no virus foundRPM-IVH rpm File--force--nodeps
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
