trojan?

this was running on my server:

Following is a summary of new Internet Server Sockets:
> tcp 0 0 69.56.194.34:35273 0.0.0.0:* LISTEN 1613/Glay_SurvivalP
I know the server is not compromised (tripwire and logwatch told me), so it was probably a program that was run on my server through some insecure script (although my /tmp has noexec)... anyone know how I can trace it?
Or maybe I should just forget it (since it's not running yet)? Something like that usually happens once a week.

thanks