Well, sorry tokao have been offline few hours.
After rebooting the server after a year or so, I noticed weird things, like “who” and “top” were not working, some directories were not there (like the log one), cpu was 100% all times… yeap, tokao server was compromised on the 26th of October, so yesterday after taking a careful look at what have been done, I closed all ports to the manchine and tonight I have migrated tokao to another more secure server.
Tokao was running on centOS and the rootkit was done via a hole in my old apache. The server was at home with a big UPS and 1Mb DSL upstream, enough for tokao. I had secured ssh with webknock.
Well after 8 years, this is the perfect excuse to upgrade my old CentOS to the newest Ubuntu.
Now tokao is in a VPS Ubuntu machine with the latest updates… while I decide where to host it. I have not tested all. I see that some stuff still does not work (like url rewrite). Working on it 😉