23 Feb
2010
23 Feb
'10
5:13 p.m.
On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said:
On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote:
The problem is that a user on this box appears to be launching high traffic DOS attacks from it towards other sites.
It's possible the user inadvertently enabled the same exploit after you rebuilt the system. I suggest caution with assigning culpability.
Or the gold image used to rebuild was itself vulnerable. It happens a lot more often than you think. I'd suggest *lots* of caution with assigning culpability. ;)